Getting Started

This article shows how to create a new CodeScan Cloud account, log in to an existing CodeScan account, and set up your account to get started.

Signing Up with CodeScan

Follow the steps below to sign up and log in to CodeScan Cloud:

  1. To sign up for CodeScan Cloud, navigate to https://www.codescan.io/.

  2. By default, the instance is presumed to be in the United States (US) region, and the URL looks something like https://app.codescan.io/sessions/new?return_to=/%2F.

    Important Note:

    If you are in a region other than the US, such as Australia, change the URL to https://app-aus.codescan.io/sessions/new?return_to=/%2F. Similarly, for the EU region, change the URL to https://app-eu.codescan.io/sessions/new?return_to=/%2F.

  3. Click Log in with Auth0.

  4. On the next screen, enter the following details to sign up for CodeScan:

     a. Email address: Enter a valid email address.
     b. Password: Enter your password.
     c. Full name: Enter the name associated with your account profile.
     d. Company name: Enter the name of the company or organization.
     e. Phone number: Enter a valid phone number.
     f. Requires Two-Factor Authentication: You can also enable Two-Factor Authentication for your login.
     g. Read and accept our terms of service and privacy policy and select the checkbox.

  5. Click the Sign Up button.

And you're in! Enjoy!

Note

When enabling Two-Factor Authentication you will be required to download the Auth0 Guardian app to your mobile device. You will be prompted for this when you first log in. You cannot make changes to your two-factor authentication after sign up. Please contact support@codescan.io to make changes to your two-factor authentication.

Two-Factor Authentication (MFA/2FA)

CodeScan offers 2FA to further support account privacy and security. This document helps you understand how to set up and work with 2FA.

Note

Be sure to save the token generated at signup, as it allows you to reset the 2FA if you have trouble logging in or getting push notifications.

  1. When you sign up for CodeScan Cloud, you can enable two-factor authentication by selecting the Require Two-Factor Authentication checkbox.

  2. Fill in all the details and click the Sign Up button.

  3. Download the authenticator app on your mobile phone. Once you have downloaded the app, select I’ve already downloaded it to continue.

  4. Next, you will be prompted to scan the QR code with your Guardian (authenticator) app.

     a. A token is generated and available on the screen for you to copy and save.
     b. Click the checkbox next to I have safely recorded this code to confirm you have recorded it and continue.

And you have set up your 2FA!

Logging In

The CodeScan login screen allows you to log in to your instance.

  1. Navigate your web browser to your instance's URL, for example, https://app.codescan.io/ for US region, https://app-eu.codescan.io/ for EU region or https://app-aus.codescan.io/ for AUS region.

  2. The CodeScan login screen appears.

  3. You can choose Log in with Auth0, or Log in with SAML2 if enabled, or click More options to enter your login credentials (username and password).

  4. Click on Log in.

    Note:

    If you do not know your instance's URL or login credentials, please contact your system administrator for assistance.

  5. The CodeScan welcome screen appears.

  6. If you choose Application Security Testing, you will be taken to the Projects page, which becomes your default homepage: the next time you log in to CodeScan, you will be directed straight to the Projects page.

    Similarly, if you choose Policy Management, the Policy Results screen will be set as your default homepage.

    The Policy Results page is also accessible via the More menu.

Getting Started with CodeScan Cloud

There are three steps to get CodeScan Cloud working for you:

  1. Defining Your Standards

  2. Achieving Visibility

  3. Enforcing Your Standards

The following sections will include links to articles to help you set up CodeScan through these three steps.

Defining Your Standards

CodeScan comes out-of-the-box with some predefined rule sets. These represent our recommended minimums for your security and quality.

However, these rule sets are completely customizable. Define what you would like to see and how important it is by creating your own custom rule sets. Click here to learn how to customize rule sets.

Defining an expected level of quality is also very important. The highest-level quality indicator of your code is a hard pass or fail. Click here to learn how to set these standards.

Achieving Visibility

CodeScan helps you keep your code clean as you develop using the branching functionality and new code periods.

Seeing the issues as they appear allows you to maintain your standards on current development and plan your refactoring efforts. See here for more information on Branching Functionality and the New Code tab.

Enforcing Your Standards

Passing or failing a project on the CodeScan dashboard is very useful. The next step is to use those metrics to enforce your standards. Learn how CodeScan can be integrated into your repository or pipeline with our articles around CI/CD.

Our support team is always happy to help if you get stuck! You can reach us at support@codescan.com.

Enjoy cleaner code!

-CodeScan Team
