Dynamic Security
Last updated
Last updated
On the Dynamic Security menu you can identify, analyze, and address the potential vulnerabilities that arise while your website is running.
Here are the steps to add the site addresses to be scanned.
On the Cloud services portal page click the Site Scan menu in Dynamic Security on Deka AST.
Click the Create Sites button to add the addresses of web links to be scanned.
In the first step, you are asked to fill in the site to be scanned by filling in several fields.
Site Name
The name of the site to be created.
Description
Description of the site to be created.
URL
The url of the site to be created.
Environment Site
a. Development: site still under development. b. Staging: site that is already duplicated from an active Production site and you can make changes without having to think about risks. c. Production: site is already in the production
On the Site Details page, fill in the fields Site Name, Description, URL, Environment Site and click the Next Step button.
On the Configure Site page in the Type section you can choose Dynamic Website or API.
On the Dynamic Website type, there are scanning options, namely Full Scan and Basic Scan.
You can select authentication to neither enable nor enable. If using authentication you must fill in several columns.
Login URL
Website address. For example: https://localhost:host/host
Username field name
Username field name website.
Username
The username for login the website.
Password field name
Password field name website.
Password
Password for login the website.
Submit field nama
Button name.
On the Configure Site page, selecting the API site type, there is one step before starting the scan, namely Upload Content.
API Tpe
In the site type column there are three APIs provided: a.SOAP uses XML files to transmit data over HTTP/HTTPS. b. GraphQL uses data consumption with GraphQL. c.REST/Open API using data consumption with Rest/Open API.
Default Rule (Optional)
Add custom rules to your site.
Custom Rule (Optional)
Add custom rules to your site.
The next step is to upload the API collection.
Click the Create Site and Scan Site button.
Wait until the scanning process is complete and you will automatically go to the Dynamic Security page showing the scan results.
Download the report from the scan results, you can see sub-section 19.15.2 Dynamic Security Report. Here are the steps to view the scan logs:
On the Cloud services portal page click the Scan History menu in Dynamic Security on Deka AST.
On column Action press the details button.
You can view the scan results in detail.
Here are the steps to remove a site from Dynamic Security:
On the Cloud services portal page click the Site Scan menu in Dynamic Security on Deka AST.
Select the site to delete.
Click the Settings icon button.
Enter the name of the site to delete and click the Delete button.
Click the Yes, sure button to continue the process.
