diff --git a/code-scanning/soos-dast-scan.yml b/code-scanning/soos-dast-scan.yml index cf3b1b7..9b58e90 100644 --- a/code-scanning/soos-dast-scan.yml +++ b/code-scanning/soos-dast-scan.yml @@ -3,13 +3,18 @@ # separate terms of service, privacy policy, and support # documentation. # -# SOOS is the easy-to-integrate software security solution for your whole team, learn more at https://soos.io/ +# SOOS is the easy-to-integrate and affordable software security solution for your whole team. +# Learn more at https://soos.io/ # -# To use this action you need to fill the following requirements: +# To use this action, perform the following steps: # -# 1. Create an account on https://app.soos.io to obtain a Client ID and API Key (Free 30 days trials for both our SCA/DAST product). +# 1. Create an account on https://app.soos.io. SOOS offers a free 30 day trial for our SCA and DAST products. # -# 2. Set up your API KEY/Client ID as Github Secrets named SOOS_CLIENT_ID & SOOS_API_KEY. (Also set SOOS_GITHUB_PAT with your Github Personal Access Token if you're going to use sarif upload) +# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate). Note the "API Credentials" section of this page; the keys you will need for the next step are here. +# +# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID. +# +# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token. # name: "SOOS DAST Scan"