i am new on WAS scanning based on AWS.
i am planning to scan a web application hosted on AWS, and i am trying the best way to do that.
here some informations about environment:
1- Web application hosted on AWS and Has two aliases (2 different IPs each time i make a nslookup)
2- we have no a license for qualys cloud.
3-for now i don't have a virtual scanner installed on the AWS instance.
is that possible to use a internal virtual scanner installed outside the AWS instance and configure the AWS WAF to allow traffic for the internal scanner to scan the web application?
do you have suggestion how i can make the scan for the web application, or if it is possible to make the scan in the conditions above?
thanks in advanced.