HCL AppScan Traffic Recorder

The HCL AppScan Traffic Recorder (DAST proxy) enables you to record traffic to use as Explore data. Traffic Recorder instances can be created on demand to record traffic that will later be used for a DAST scan.

In the world of DevOps it's increasingly important to be able to incorporate security scans in your CI/CD processes. If you use an automation framework (such as Selenium), you can take advantage of the scripts that are already written to create tailor-made scans.
  • Using the HCL AppScan Traffic Recorder, you can automatically start a traffic recorder instance. The requests from the automation framework to the web application are recorded as they are sent through the recorder. The traffic is saved in HAR format in a file with the DAST.CONFIG suffix, that you can later upload to be used by AppScan as Explore data for a scan.
  • You can record traffic manually, through the traffic recorder, to create a DAST.CONFIG file.
  • To upload your own HAR file to AppScan on Cloud without using the traffic recorder, first compress it into a ZIP file, and then change the filename extension to dast.config.