Question
Information
This article defines and describes the use of Assessments in Trustwave App Scanner. Please refer to the User Guide available with the product for more information.
In Trustwave App Scanner, an assessment consists of a collection of tests, which can contain both application tests and infrastructure tests.
- An application test applies SmartAttacks to the traversals you create (either interactive or spidered).
- An infrastructure test performs security scans of the network and server infrastructure supporting your web application.
You combine traversals and SmartAttacks to create assessments in either the ASE web UI or the Desktop Client. Each assessment can have customized default parameters for each SmartAttack, allowing more flexibility per web application.
Notes:
Although an assessment can contain as many tests as necessary, Trustwave recommends that you start with a limited number of tests. You can increase the number as you learn how long different tests can take, what the impact of different kinds of tests is on the target application, and how to construct the testing to provide the most meaningful results.
- This article was previously published as:
- Cenzic Solution 71
