Add and Delete Apps

Apps are a way to group your targets together, which in turn allow you to tune scans consistently for all targets in a single grouping, to group results into one place, and to track improvements over time. In order to scan a web application, you will have to create an App and add the URLs of your application to this app.


During an InsightAppSec scan, your web application may experience a high amount of incoming network traffic. Some firewalls may block attack traffic and prevent InsightAppSec from testing your application for vulnerabilities. In such cases, you must allowlist the IP addresses of the InsightAppSec cloud engines to scan your web applications.

Add an app with the Add App Wizard

  1. From the left menu, go to Targets and verify that the domain you wish to scan is in the “Target Domains” list and it is enabled.
  2. Go to the Apps page and click the Add App button to start the Add App Wizard. Provide a name and optionally a description for this app on the “Details” screen.
  3. On the "Target URLs" step, use the + button to add individual URLs.
  4. From the "Users" step, you can assign users to a particular App.

Completing the wizard takes you to the home page inside the App, where your next step is to create a Scan Configuration.

Scanning subdomains

If you wish to scan multiple subdomains of a website, such as and, use wildcards such as *

Delete apps

Apps are permanently deleted

When you delete an app, you cannot recover it. Deleting an app permanently deletes the associated scan configs and vulnerabilities.

  1. On the Apps page, select one or more apps to delete.
  2. Click the Delete icon.
  3. In the confirmation window, click Delete.