Dynamic Security
On the Dynamic Security menu you can identify, analyze, and address the potential vulnerabilities that arise while your website is running.
Create Site
Here are the steps to add the site addresses to be scanned.
On the Cloud services portal page click the Site Scan menu in Dynamic Security on Deka AST.
Click the Create Sites button to add the addresses of web links to be scanned.
In the first step, you are asked to fill in the site to be scanned by filling in several fields.
Column | Description |
---|---|
Site Name | The name of the site to be created. |
Description | Description of the site to be created. |
URL | The url of the site to be created. |
Environment Site | a. Development: site still under development. b. Staging: site that is already duplicated from an active Production site and you can make changes without having to think about risks. c. Production: site is already in the production |
On the Site Details page, fill in the fields Site Name, Description, URL, Environment Site and click the Next Step button.
On the Configure Site page in the Type section you can choose Dynamic Website or API.
Dynamic Website
On the Dynamic Website type, there are scanning options, namely Full Scan and Basic Scan.
You can select authentication to neither enable nor enable. If using authentication you must fill in several columns.
Column | Description |
---|---|
Login URL | Website address. For example: https://localhost:host/host |
Username field name | Username field name website. |
Username | The username for login the website. |
Password field name | Password field name website. |
Password | Password for login the website. |
Submit field nama | Button name. |
API
On the Configure Site page, selecting the API site type, there is one step before starting the scan, namely Upload Content.
Column | Description |
---|---|
API Tpe | In the site type column there are three APIs provided: a.SOAP uses XML files to transmit data over HTTP/HTTPS. b. GraphQL uses data consumption with GraphQL. c.REST/Open API using data consumption with Rest/Open API. |
Default Rule (Optional) | Add custom rules to your site. |
Custom Rule (Optional) | Add custom rules to your site. |
The next step is to upload the API collection.
Click the Create Site and Scan Site button.
Wait until the scanning process is complete and you will automatically go to the Dynamic Security page showing the scan results.
Scan History
Download the report from the scan results, you can see sub-section 19.15.2 Dynamic Security Report. Here are the steps to view the scan logs:
On the Cloud services portal page click the Scan History menu in Dynamic Security on Deka AST.
On column Action press the details button.
You can view the scan results in detail.
Delete Site
Here are the steps to remove a site from Dynamic Security:
On the Cloud services portal page click the Site Scan menu in Dynamic Security on Deka AST.
Select the site to delete.
Click the Settings icon button.
Enter the name of the site to delete and click the Delete button.
Click the Yes, sure button to continue the process.