Skip to content

G
gitlab-ce
Commit 764dd691 authored by Seth Berger's avatar Seth Berger Committed by Russell Dickenson
Browse files
Options

Added warning on authenticated scans

parent 79c2fc75
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 0 deletions
doc/user/application_security/dast/index.md
View file @ 764dd691
...@@ -148,6 +148,9 @@ The results will be saved as a ...@@ -148,6 +148,9 @@ The results will be saved as a
that you can later download and analyze. that you can later download and analyze.
Due to implementation limitations, we always take the latest DAST artifact available. Due to implementation limitations, we always take the latest DAST artifact available.
DANGER: **Danger:**
**DO NOT** run an authenticated scan against a production server. When an authenticated scan is run, it may perform *any* function that the authenticated user can. This includes modifying and deleting data, submitting forms, following links, and so on. Only run an authenticated scan against a test server.
### Full scan ### Full scan
DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7