Home
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
Tutorial
This simple tutorial goes through the steps of configuring a simple application scan using the Scan Configuration wizard, running the scan, and reviewing the results.
Step 2: Running the scan

Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
- Overview
- What's new
  This section describes new AppScan Standard product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
- System requirements
  A summary of the minimum hardware and software required for the machine that runs AppScan Standard.
- Installing
  The installation wizard guides you through the fast and simple process.
- License
  This section describes for the trial and paid versions of AppScan Standard.
- How an automatic scan works
  This topic explains the difference between the "stages" and "phases" of a scan.
- Web application vs. web API
  This topic explains the different methods available for exploring sites, before AppScan tests them.
- Basic workflow
  A diagram showing a simple AppScan workflow using the scan configuration wizard.
- Home screen
  Describes the options available from the home screen that opens when you load AppScan.
- Tour of the main screens
  Describes the components of the AppScan main screen (Issues view), and all menus and toolbars.
- Tutorial
  This simple tutorial goes through the steps of configuring a simple application scan using the Scan Configuration wizard, running the scan, and reviewing the results.
- Sample files
  The sample files can help give you a feel for using AppScan and what scan results look like.

Step 2: Running the scan

About this task

When configuration is complete, you can run the scan.

Procedure

Select Start scan, then click Finish.

The progress panel at the bottom of the screen shows scan progress, and Dashboard, Data and Issues views are updated in real-time.

During the Explore stage, AppScan crawls your application to discover its pages and content. In Data view the application tree is updated as this happens, and eventually shows a complete tree of the site. Then, during the Test stage, AppScan runs thousands of tests on the site and reports the issues found and fix recommendations. During this part of the scan, Security Issues view is selected automatically and the Result List displays a dynamically updated list of discovered issues.

A scan can have multiple phases (a phase is a cycle of Explore followed by Test). This happens when AppScan discovers new links during the test stage, and needs to a scan, it will create new tests based on these links, and run an additional scan phase. The subsequent phase is usually shorter than the previous one, as only the new links are scanned. AppScan will add phases as long as it finds new URLs, or until it has reached the configured "scan limit". The default limit is four phases.

When the scan is complete, the Progress Panel closes, and you can review the results (see Step 3: Reviewing Scan Results).