Skip to main content

Auto Generate Test Plan

1. Generate a security test plan for your APIs

  1. Click on Test Plans in the side panel and proceed to create a test plan by clicking New Test Plan.

  2. Pick Zero Config as the type of test plan to generate

  3. In the New Test Plan dialog pick a suitable name for the plan.

  4. Pick the previously imported API catalog as the API asset for this test plan.

  5. Proceed to generate the test plan. The generated test plan will have coverage for several security vulnerabilities.

    Zero Config Test Plans do not support horizontal authorization bypass (BOLA) tests. If you skipped providing RBAC association info via the metadata.yml file, no tests for vertical authorization bypass (BFLA) will be generated.

  6. Your new test plan will be in the Config Complete state, and is immediately runnable. Please proceed to the next step.