In order to initiate an AppScan SAST scan you will have to configure your AppScan credentials first. More about how to configure AppScan credentials here.
Usage Flow Instructions
- Once you have configured your credentials, navigate to 'Static Security Scanners' under 'Connectors' and click on 'AppScan SAST'.
- You will be prompted to enter your configuration details.
- Enter a 'Configuration Name', select your 'AppScan Credential' and the Agents as Strobes Default Agent.
- Select a 'Baseline' to log the vulnerabilities and click on 'Next'.
- Now select your code repository, an 'Asset' against which you want the vulnerabilities to get populated and select your AppScan Apps. More about creating AppScan applications and scans here.
Note: More about how to configure your code repository within Strobes here.
- Select the frequency of scheduling the config scan and click on 'Next'.
- Select any Tracking & Notification tool configurations if needed and click on Submit.
- The configuration is now created for you.
- Now click on 'New Scan' and you will be prompted to enter the 'Branch' on which you want to run the scan. Enter the name of your Branch and click on Scan.
- The scan will get initiated and once the scan is done the results will get populated against the Asset which you have chosen.