 Once you deploy your web application into a new environment, your application becomes exposed to new types of attacks. For example, misconfigurations of your application server or incorrect assumptions about your security controls. DAST or Dynamic Application Security Testing solves this problem by scanning running applications for vulnerabilities. DAST can be run within a pipeline or on demand, allowing full control of where and when the scanner runs. Let me show you how to run a DAST scan on demand. First, we go to the Security and Compliance tab and click on On Demand Scans. Then, we go ahead and click and create a new DAST scan. There are a few fields we need to fill in. Let's start with the scanner profile. Click on Create New Scanner Profile and you can create a scanner profile by providing a name, which I will give as Note Staging, since this will be for our staging environment. I'll leave the Scan Mode as Passive, which just scans our application. Active Mode would attack the application to provide a more in-depth scan. I'll check Show Debug Messages. You can learn more about configuring a DAST profile in the GitLab application security documentation. Now, I'll go ahead and create a new site profile. Here I provide information on the website or application we will be targeting. Again, it will be my Note Staging environment. I will provide the target URL where my application is hosted. Then, I will go from there and save the profile. Now, I will go ahead and give my scan a name. I'm providing Note Staging Thursday as the name, since I am going to schedule this scan to run every Thursday. Then, I will provide a description on what the scan does in order to keep organized. Now, I am going to go ahead and create a schedule. I click on Schedule Scan and I will provide a time zone. I'm adding Central Time, since that is my time zone. Then, I'm choosing the day that it will run on and we are going to do this every week. I want this to run every Thursday at 1 p.m. Central. I will click on Save and Run Scan. This will kick off the DAST scanner. Now, go back to On Demand Scan and we see a view of every scan that is running or that has run in the past. On Demand Scans makes it easy to run DAST instantly or on a schedule on the location of our choosing, helping enhance the security of your running application.