This feature allows the scanner to login to a protected web application using HTML Form and continue the scan in order to find vulnerabilities within the protected web application.
In order to setup an authenticated web application scan see the following article:
General information (Form record)
Either you create a new record or use a pre-created record.
Authentication record name
The name of the record you wish to use.
Username (name of field)
The HTML name of the field where the username is applied.
The username which the scanner will use for login.
Password (name of field)
The HTML name of the login field.
The password which the scanner will use in order to login.
Add extra field
Use if additional fields are needed.
The URL where the authentication form is located.
Success validation URL
The URL which the user lands on after the login has been approved.
Success validation string
This is the string that is checked for validation after logged in.
The method which the scanner will use in order to apply the login information.