Configure Selenium Credentials Settings Automatically

Required Additional License: Tenable Web App Scanning

You can use the Tenable Web App Scanning Chrome Extension to record Selenium credentials and add those credentials automatically to new or existing scans.

For a demonstration on the Tenable Web App Scanning Chrome Extension, see the following video:

Note: The Tenable Web App Scanning Chrome Extension updates only Selenium credentials settings in web application scans. You must configure the other scan options via the Tenable Web App Scanning Chrome Extension interface.

Before you begin:

  • Download the Tenable Web App Scanning Chrome Extension from the Chrome Web Store.
  • Log in to Tenable Vulnerability Management, as described in Log in to Tenable Vulnerability Management.

To record selenium credentials via the Tenable Web App Scanning Chrome Extension:

  1. In the upper-right corner of your browser, click the Tenable Vulnerability Management logo.

    The Tenable Web App Scanning Chrome Extension Create a Scan window appears.

  2. Do one of the following:

    Task Action
    Record and add Selenium credentials to an existing scan
    • Click Add to Existing Scan.

      The Add to Existing Scan window appears, displaying a list of your existing scans.

    • In the search box, type the name of the scan you want to add Selenium credentials to.
    • Click the button.

      The Tenable Web App Scanning Chrome Extension filters the list by the name you typed.

    • Click the scan you want to add Selenium credentials to.
    Record and add Selenium credentials to a new scan
    • Click Create New Scan.

      The New Scan window appears.

    • In the Name box, type a name for your scan.
    • In the URL box, type the target in URL format for the web application you want to scan.
  3. Click Next.

    The extension opens to the link you provided as your scan target.

  4. Click Record.

    The Tenable Web App Scanning Chrome Extension begins recording your session.

    A message appears to indicate recording has begun.

  5. Perform the log in sequence you use to authenticate in to your web application.

  6. After you successful authenticate in to the system, highlight a section of text on the web page that appears only upon successful authentication (for example, Welcome, [your username]!).
  7. In the lower-right corner, click Done.
  8. (Optional) To play back your recorded login sequence, click Play.
  9. After you have successfully recorded your authentication login sequence, click Save.

    Tenable Web App Scanning Chrome Extension saves and imports your credentials to the scan.

What to do next:

  • If you used the Tenable Web App Scanning Chrome Extension to create a new scan, you must configure the other scan options in the Tenable Web App Scanning Chrome Extension interface.