Tool Mentor: Conducting a Security Assessment using IBM Rational AppScan
This tool mentor provides the main steps that you need to follow when you perform a vulnerability assessment.
Tool: IBM Rational AppScan
Main Description

 Follow these steps when you're conducting a security assessment with IBM® Rational® AppScan®:

  1. Select Template for new scan
  2. Select Application or Web Service scan
  3. Use the Rapid Scan Configuration wizard:
    • Applications:
      1. Enter Start URL
      2. Perform Manual Login
      3. [Optional] Review Test Policy
    • Web Services:
      1. Enter WSDL file location
      2. [Optional] Review Test Policy
      3. Send requests via Web Services Explorer
  4. Choose Normal Track or Fast Track:
    • Normal Track:
      1. Run Scan Expert
      2. Review suggested configuration changes and apply selectively
      3. Start Automatic Scan
    • Fast Track:
      1. Start Automatic Scan
      2. [Optional] Allow Scan Expert to evaluate and adjust configuration automatically before scan starts
  5. Review Results and (as required):
    • Explore additional links manually
    • Print reports
    • Review remediation tasks