Create a new scan from a scan file

You can upload your own AppScan Standard scan (SCAN) file to run an ASoC scan.

Before you begin

  • Back up your site before scanning.
  • If you have not yet done so, Create an application for your scans.
  • Verify to ASoC your permission to scan the domain (see Verifying a domain)
  • If your site is not available on the Internet, and an AppScan Presence does not yet exist on the server: Creating the AppScan Presence.
  • When configuring a scan in AppScan Standard that requires an OTP, you must use action-based login, not request-based login. See the AppScan Standard documentation for details.

Procedure

  1. On the specific Application page, click Create scan, then click Create scan under DAST Dynamic Analysis to open the wizard.
  2. Select From scan file.
  3. Upload file: Drag and drop the scan (SCAN) file into the dialog, or click to select the file.
    Note: Enable "Allow intervention" during scan creation to allow the Scan Enablement Team to examine the scan in the event of a failure. By default, intervention is disabled for uploaded scans or templates.
    The file is opened and the starting URL from the configuration is filled in the URL field.
  4. If your file includes Explore data, you are given the option of running the Test stage only, or a full scan (Explore and Test stages):
    • Run a full scan, or
    • Run Test stage only
  5. Network:

    Setting

    Options

    Type
    Public (default)
    Your site is available on the Internet.
    Private
    Your site is not available on the Internet. Select your presence from the list of connected presences.
    Note: If you have not yet created an an AppScan Presence you can do so now by clicking the AppScan Presences page link, and referring to Creating the AppScan Presence.
  6. Schedule:

    Setting

    Options

    Scan now

    Your scan runs as soon as set up and review are complete.

    Save for later

    Your configuration is saved when completed. You can run the scan later.
    Schedule
    Your configuration is saved, and one or more scans run as configured:
    1. Select a date and time. Enter these according to the time zone configured on your machine, but note that times will be converted to UTC when displayed in the user interface.
    2. To run the scan more than once, select the Repeat, and then choose:
      • Daily, and select a daily interval (1-30 days)
      • Weekly, and select which day, or
      • Monthly, select a monthly interval, and then select which numerical day of the month, or which weekday of the month (first, second, third, fourth, last).
      Note: If the maximum number of concurrent scans are running when the scheduled time arrives, the scan starts as soon as allowed by your subscription.
    3. Set the End date (the last date a scan will run), or click Remove end date to have the schedule run indefinitely.
  7. Click Review and scan.
    At review, you can edit the default name that was given to the scan. You can also elect to run the scan as a personal scan, and to receive email notification when the scan is complete.
  8. Click Scan Now.
  9. Click Scan.

Results

The new scan is added to the Scans view with its starting time, and a progress bar indicates that the scan is running. When the scan is complete the progress bar closes, the results are summarized in a graph, and (if selected) you receive an email notification. See Results.
Note: Free Plan scans are limited to four hours in length, so large or complex sites may not be completely covered by these.