Automation Frameworks

You can use scripts written for your QA automation framework (such as Selenium) to create Manual Explore recordings for an AppScan scan.

If your QA personnel use an automation framework to run functional tests on your web app, you can take advantage of the scripts that are already written to create tailor-made scans. The requests from the automation framework to the app are sent with AppScan as proxy, enabling AppScan to record the actions as an Explore stage for its own scan. AppScan then tests the site based on that Explore stage. This is done using the AppScan CLI.

In principle you create and run a batch command that does the following:
  1. Open AppScan and configure:
    1. Starting URL
    2. User credentials
    3. Test Only
    4. Open AppScan's proxy with a specific listening port
  2. Run the automation framework script through the same port.
  3. When the script ends, close AppScan’s proxy and the Test stage starts.
  4. Save the scan results, and optionally create and save a report.
The section following describes how to test the AppScan demo test site using Selenium, but the process can easily be adapted for any site and any automation framework.