Purpose

This document describes how to create and manage scan credentials in Outpost24 Portal UI.

Introduction

In the Credentials view, the test credentials that are used for authenticated scanning or scoping can be created and securely managed.

Note

The Credentials accessible through Appsec in OUTSCAN or HIAB or by the portal.


Requirement

To add credentials to an account, the account first need to be created in OUTSCAN.
See Manage Users for more information on adding user accounts.

Getting Started

There are several ways to login to Appsec :

  • From OUTSCAN
  • From a HIAB
  • From the new Outpost24 portal

OUTSCAN

To launch the Appsec application from OUTSCAN, navigate to https://outscan.outpost24.com.

Note

Use HTTPS protocol.

Login OUTSCAN

  • Log in using your credentials.
  • To access the Appsec module, go to Main Menu > Portal.

HIAB

To launch the Appsec application from HIAB, connect to the HIAB by using its assigned network address.

Login HIAB

  • Log in using your credentials.
  • To access the Appsec module, go to Main Menu > Portal.

Portal

Open a browser and navigate to https://outscan.outpost24.com/portal

Note

Use HTTPS protocol.

Login Portal

Enter your credentials and click the blue arrow button.


Credential


Account dashboard

  1. Click the account icon in the upper right corner.

    Note

    The account icon varies depending on the username name.

  2. Click Credential to display the available credentials on the account.

Add Credentials

To add credentials:

  1. Click on the Add Credentials button in the lower right corner.

    Credentials

  2. In the drop-down menu, select the type of credentials you want to add.
    The following types of credentials are available:
    1. Web - for web-form based authentication
    2. Basic - for Basic HTTP authentication as specified in RFC 7617 [1]
    3. VMware vSphere
    4. Google Cloud Platform
    5. Amazon Web Services
    6. Microsoft Azure
    7. Docker

      Add Credentials

  3. Depending on what type of credential you select, various options are displayed. Fill in the relevant information for each row.
    The example shows Basic Credentials.

    Basic Credentials


  4. Click ADD to add the credentials to your account.
  5. In the Web credentials, the Add new field allows you to add further information.

    Web credentials

  6. Select the credential type from the following drop-down menu.
    • Username
    • PIN
    • Security Question
    • Domain
    • E-mail
    • Member number
    • Password
    • Security Answer
    • Phone Number
    • First Name
    • Last Name
    • Token
    • Other

  7. Add a values for the selected credentials.

    Username

Credentials of type Password, PIN, Security answer, and Token are masked in the view:

Password

Click the View icon to temporary unmask the credential.

View


Edit Credentials

To edit the credentials,

  1. Click on Edit.
    Edit

  2. The Edit credentials window is displayed.

     Edit credentials
  3. Edit the details and click Save.

Delete Credentials

To permanently delete user credentials:

  1. Click on Delete.
    Delete
  2. Verify by clicking on the red delete button.

    Final Delete

Reference

  1. RFC 7617 https://tools.ietf.org/html/rfc7617