Step 1: Configuring the scan

About this task

The Scan Configuration Wizard provides an easy way to configure a scan when you do not need to change many of the default configuration settings.

Procedure

  1. On the home screen, click Web applications, or click File > New > Web application scan.

    The URL and Servers step of the wizard opens.

  2. Enter the URL of your application in the text box.

    AppScan attempts to connect to the server, and the green Connected to server message appears when this succeeds.

  3. Click Next.

    The Login Management step appears, with the Recorded radio button selected.

  4. Click Record, and select the AppScan Chromium browser.

    The browser opens to the starting URL that you defined in the previous step. Your browsing is now being recorded by AppScan.

  5. Log in to your application with an authorized username and password.
  6. When you have successfully logged in, close the browser.

    The "Login Sequence" (the sequence of links that achieved the logged-in state) is displayed (see Record login with a browser for more details), and the gray key icon turns green, indicating that in-session detection is active.

    The key with a warning icon changes to a key with a checkmark icon.

  7. Click Next.

    The Test Policy step appears, with the Default policy selected.

  8. Click Next.

    The Test Optimization step appears, with the Fast option selected.

  9. Click Next.

    The final step of the wizard appears. You are now ready to run the scan (see Step 2: Running the scan).

    Note: Although it is possible to start the automatic scan at this stage, in many cases a better result will be achieved by manually exploring the application first, as a regular user would (see Using a browser).