Document Version: 3.6

Date2020-04-06


Copyright

© 2021 Outpost24® All rights reserved.

This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Introduction

This document describes the prerequisites to run scans in Outpost24 Portal and how to get started with the portal interface.

Prerequisites

To run scans in Outpost24 Portal, the reader needs basic access to the OUTSCAN/HIAB account with an Appsec subscription.

Caution

Make sure that the private IP range 10.88.0.0/16 is not used in your environment, since this is used to communicate with a restricted container on the scanner. Having targets in this range while using the side scripts feature may cause issues while scanning them.

Login

There are several ways to login to Appsec:

  • From OUTSCAN
  • From a HIAB
  • From the Outpost24 portal

OUTSCAN and HIAB

To access the Outpost24 Portal view from OUTSCAN, navigate to https://outscan.outpost24.com.

The Outpost24 Portal is also available on the HIAB appliances and can be reached on https://your-appliance-ip.

Note

The portal is reachable only via HTTPS.

Appsec_Scan_01

  1. Log in using your credentials.
  2. To access the Appsec module, go to Main Menu > Portal.

Portal

Open a browser and navigate to https://outscan.outpost24.com/portal.

Note

Use HTTPS protocol.

Appsec_Scan_02

Enter your credentials and click on the blue arrow button.

Logout

Click the Logout icon in the upper right corner of the window.

The logout window is displayed. 

APPSEC24

To log out from the Appsec application, click on the red LOGOUT button.

List of Icons

IconNameComment

Show Column
Hide Column

Click on the empty box to view the column in the table. 
Click on the blue box to hide the column from the table.

Filter

This displays the Filter and Settings panel.

Clear

Restores the search phrase and lists all of the columns unfiltered.

Clear Filter

Clears all of the filters applied to the table.

Filter Counter

Counts the number filters that are applied to the table.

Multi-level Sorting

Displays the number of sorting levels based on the columns.

Settings

Toggle the settings panel.

Save

Save the preferred settings.

Logout

Log out from the Appsec application.

Account

Displays the Account view where you can access a list of available subscriptions as well as a list of licenses of third-party software that is embedded into the platform.

Note

The letter in the account box varies depending on the name of the account.


Add Credentials

Allows to add a new credentials to your account.

New, ADD, Plus

Add new function such as filters, applications, groups and so on.

Export, Generate Report

Export report to other format, for example PDF, XML, or Excel.

Group Tree

Displays the group tree toolbar.

Scan Now

Start a scan immediately.

Download

Download a generated report.

Delete

Delete the selected content.

Edit

Allows you to update.

View

Unmasks credential.

All Downloads

Displays the list of generated reports and blueprints, where you can download.

Refresh

Refresh the display.

APPSEC60

Download URLs

Download a list of URLs.

Request Verification

Request verification of the finding.

Change Risk

Change the risk level of the finding.

Accept Risk

Mark finding as an accepted risk.

Mark as Fixed

Change the status of finding to fixed.

Unmark as Fixed

Change the status of finding to not fixed.

Unaccept Risk

Remove the accepted flag from the finding.

Mark as False Positive

Mark finding as a false positive.

Unmark as False Positive

Remove the false positive flag from the finding.

Mark as Exception

Sets the compliance finding as exception (accepted risk) till the desired date. 

Unmark as Exception

Resets the compliance finding to its original status.

Information

Quick information about the function.

Batch Edit

Edit multiple entries at once.

Submit for Scoping

Submit entries for SWAT/Snapshot/Assure scoping.

Stop Scan

Ends the selected scan.

Add Tag

Allows to add a tag.

Remove Tag

Allows to remove a tag.

Configure Asset

Creates a default configuration for the selected asset. 

Download Blueprint

Generates a Blueprint if available. 

Assign Role

Allows to assign a role to a user.

Assign Resource Group

Allows to assign a resource group to a user.

Toolbar

 The available views in Appsec are:

  • Dashboard (only if enabled on the account)
  • Assets
  • Findings
  • Configurations
  • Automation
  • Scans
  • SWAT Assets (only if SWAT subscription exists)
  • SWAT Findings (only if SWAT subscription exists)



On the right side of the toolbar:

  • All downloads
  • Logout
  • Accounts

Note

The letter in the account box varies depending on the name of the account.


Loading took: At the bottom of the frame there is an indication of the time taken by the server to return the list of items visible inside the table, the timing is updated when filtering or vertically scrolling inside the table.

Refresh the page by clicking on the Refresh icon down to the left.

APPSEC 58