API scanning

How do I set up SOAP API scanning?

To scan a SOAP API of a web application, please follow these steps.

  1. log in to Security Center.
  2. Click Asset Manager in the main menu.
  3. Click Web applications.
  4. Choose Add web application.
  5. Under General information add the URL of the WSDL file for the SOAP API under Target and set a name under Application name.
  6. Verify that the WSDL file URL is accessible to the External node or Scanner appliance
  7. Click OK to save.
  8. Done!

Please notice that the WSDL will automatically be parsed and all endpoints be scanned for vulnerabilities.