Dast Scan

The Dynamic Application Security Testing (DAST) scan focuses on essential details, such as the service URL and related configuration parameters, that are collected from the ZAP integrator.

Before starting with the scan, create a project.

To Add a Project

  • To add or update a new project with artifact scan configurations, click Add Project.

  • The Create Project details page is displayed as shown below. Enter the details for the following fields:

  • Name : Enter a name for the project.

  • Team : Select the team for which you want to create the project.

  • Scan Type : The default type is Dast Scan.

  • Platform : Select the platform type, ZAP.

  • Account : Choose the account that has been integrated for the selected platform. If no account is available for the selected platform, click Add Account.

    • The integration page is displayed. You can add a new account.

  • Service URL : Enter the URL of the service to be scanned.

  • Scan Level : Select the level at which the scan is applied, either Web level or App level.

  • Schedule Scan : You can set the scan schedule in minutes, hours, or days.

  • Click Save.

The project gets added for scanning and the following overall scanning results are displayed.

  • Total Scans

  • Total Projects

  • Auto Scan Enabled Repos

The panel at the bottom displays the project details. Expand a project to view its complete details.

  • To edit the configuration details of the project, click the Edit Configuration button.

  • Click the View option in the Action button to view the SAST and SCA scan results of the project.

  • Click the Download button to download the scan results.
