I need to scan some of our web services. It requires a WSDL file, I have reached out to the developers for this and they have provided it. After I step thru the wizard it launches the Design window. I have no idea what to do here.
Any information or training material is appreciated.
SOAP-based services are scanned via the Web Services Scan wizard. The Web Service Design tool is used prior to the scan to prepare the SOAP details to help WebInspect understand and Crawl the web service effectively. It also permits configuration of various certificate-based authentication to the web service, as needed.
RESTful are scanned using the standard Web Site Scan wizard. Import the WADL file to the Custom Parameters scan settings. If the WADL is missing, you must check the Recommendations pane for post-scan analysis to see if new Custom Parameters has suggestions to edit the Current Scan Settings. You would accept those, then use the Rescan button (toolbar area) to "rinse-and-repeat".
The Help Guides (F1 button) in WebInspect and in the Web Service Design tool offer a host of details.