Add an App

Apps are a way to group your targets together, which in turn allow you to tune scans consistently for all targets in a single grouping, to group results into one place, and to track improvements over time. In order to scan a web application, you will have to create an App and add the URLs of your application to this app.

Note

During an InsightAppSec scan, your web application may experience a high amount of incoming network traffic. Some firewalls may block attack traffic and prevent InsightAppSec from testing your application for vulnerabilities. In such cases, you must whitelist the IP addresses of the InsightAppSec cloud engines to scan your web applications.

Add an App with the Add App Wizard

  1. From the left menu, go to Targets and verify that the domain you wish to scan is in the “Target Domains” list and it is enabled.

Note

If you wish to scan multiple subdomains of a website, such as mail.mysite.com and blog.mysite.com, you need to add them individually to this list. The “Target Domains” list does not accept URLs with wildcards such as *.mysite.com.

Add Targets

  1. Go to the “All Apps” screen and click the Add App button to start the “Add App Wizard”. Provide a name and optionally a description for this app on the “Details” screen.

Add App

  1. On the "Target URLs" step, use the + button to add individual URLs.

Add URLs

  1. From the "Users" step, you can assign users to a particular App.

Completing the wizard takes you to the home page inside the App, where your next step is to create a Scan Configuration.