DAST built-in scanner step reference

You can use this step to add a built-in Zed Attack Proxy (ZAP) scan to detect vulnerabilities in your application instances. Built-in steps enable you to add scans quickly and with minimal configuration. These steps use scanners that are free to STO users and are ready to run as soon as you add them to your pipeline.

  • This step is currently behind the feature flag STO_ONE_CLICK. Contact Harness Support to enable it.

  • Currently only Zed Attack Proxy (ZAP) scans are available for this step.

  • You must specify the application domain that you want to scan before you can add the step.

  • The step detects your target and variant automatically.

  • All other settings such as Log Level and Fail on Severity are set to their defaults.

  • You can configure the ZAP step after you add it to your pipeline, but this is optional.