Skip to main content

Creating a New Project and Scanning from a Zip Archive

Notice

  • Initiating a scan is possible only within an existing project.

  • API Security currently supports Java - Spring 2.x and C# - ASP.NET 4.x Web API only.

To open the New Scan dialog:

  1. On the Application and Projects home page click Projects.

  2. Click <Scans.png Scan>. The New Scan dialog appears.

6223954308.png

To define the new scan:

Note

Mandatory fields are marked with red_asterix.png.

  1. In the New Scan dialog, enter the name of the project, if it is a new project. If it is an existing project, select it from the drop-down list.

    6223692183.png

    Note

    If the project doesn’t exist, the option to create it appears.

  2. Type the desired name for the project in the Project Name field, for example test111, and then enter it by clicking Create New Project “Tester_Pro”

  3. Note

    Once creating a new Project, the Incremental_Scan.png checkbox is greyed out. For additional information on incremental scans, refer to Incremental Scans (SAST Scanner).

    For additional information on Incremental Scans, refer to Incremental Scans (SAST Scanner).

  4. Under Source to Scan, select File.

    New_Scan_File_1.png
  5. Upload a zip archive. To do so, drag and drop a zip archive or click Select File to select and upload the zip archive.

    Note

    The Save as default repository for the project option is disabled.

    New_Scan_File_2.png
    New_Scan_File_3.png
  6. Under Scan Tags, add a tag to the new scan (optional).

    Tags can be added in two different formats:

    Label: <string>

    key:value: <string:string>

    New_Scan_File_4.png
  7. Click <Next>.

  8. Click <Next>The New Scan dialog appears and you are asked to select the scanners.

  9. Select one or more scanners.

  10. Click <Scan>. The New Scan dialog closes and the scan starts.

    Select_Scanners_.png

Note

Creating a new project and scanning a file may take a few minutes

Notice

If you select API Security, SAST is selected as well as API Security utilizes the SAST code to detect APIs.