중요
Run IAST with non-production deployments only. IAST tests by invoking HTTP requests with an exploit payload. You must use IAST in non-production environments with only simulated data to avoid both data corruption and introducing exploits into your live code. In addition, when you run IAST on new code in pre-production, you catch potential vulnerabilities before they go live.
To install New Relic IAST:
Go to one.newrelic.com > All capabilities > IAST and click Set up IAST with applications.
Confirm IAST isn't running in a production environment and click Continue.
Make sure your newrelic.yml
config file is updated as follows:
Once you've completed all the steps, restart your application and generate traffic against the application's APIs.
Click See your data to see an overview of your tested application.
For more detailed instructions, check out these examples demo below.