This guide will walk you through how to setup a continuous DAST scan. In involves two steps which are as follows:
Choosing the Target:
- In this step, you need to select the asset against which the identified vulnerabilities will be reported and the target URL on which the DAST scan will be run.
- In order to select an asset, click on the Asset field and a dropdown will list out all the assets that are of the type 'Web'. Select one of the assets from the dropdown.
- Next, enter the target URL on which you want the scan to be run.
Choosing the Frequency:
- In this step you need to select the schedule frequency at which the configurations will be run.
- There are three available options as follows:
- Daily
- Weekly
- Monthly
The following are the instructions to add a new web asset.
Adding an Asset
- Navigate to the Assets page.
- Click on 'Add New Asset'.
- Select the 'Asset type' that you need to add.
- Based on the type of asset which you have selected, the relevant fields against those assets will be available.
Adding a Web Asset
If you have selected the asset type as Web, the following are the fields that will be provided to you:
Mandatory Fields:
- Asset name - Provide a unique name for the asset which you need to add. The same asset name cannot be used more than once.
- Application URL - Provide the URL of the web application.
-
Business Sensitivity - Provide the business sensitivity of the asset. Under business sensitivity you will be provided with five options and you can only choose one out of the five. The following are the options:
- Critical
- High
- Medium
- Low
- None
-
Asset Exposure - Provide the exposure of the asset over the internet. You will be provided with two options and you can only choose one. The following are the options:
- Public
- Private
- Any mandatory custom fields which you have created. More about custom fields here.
Optional Fields:
- Tags - Provide any tags that you need to add to the asset.
- Any optional custom fields which you have created.
Once you have provided the relevant information, click on 'Submit' and the asset will be created.
Comments
Article is closed for comments.