Frequently Asked Questions

Table of Contents

Q: What are concurrent Test Sessions?

A: Test Sessions are explained in the Definitions. To help with that documentation there are example Job files which you can read in conjunction with the Job File documentation. An appScanner Test Session has relationships to one-to-many routes. Most people only need one or two Test Sessions defined in their Job file. Concurrent Test Sessions are just when you specify more than one Test Session in your Job file. These Test Sessions are run concurrently in isolated Testers. You can also create multiple Job files to spread Test Sessions out, and run those Job files sequentially.

Q: What’s the deal with scan minutes?

A: Scan minutes apply to cloud users (those with a PurpleTeam account) only. If you are on the Enterprise (or custom) plan, you may have chosen:

• Unlimited scan minutes which means your PurpleTeam back-end environment is always on and available for you to use.
• A limited number of scan minutes per day, with this option you also have the added option of “Split schedules”. Split schedules allow you to have your daily quota of scan minutes split up into multiple blocks, this is usually a cheaper option than “Unlimited (always on)”

If you are on a plan with limited scan minutes there are a few things to be aware of:

• You decide when you want your allocated scan minutes to be scheduled
• There is a warm-up period. It takes approximately 10 minutes, sometimes a little more for the underlying back-end infrastructure (AWS ECS) to become stable. this means that the stage one containers hosting the PurpleTeam micro-services may be stopped and started during this period. Issuing PurpleTeam CLI status commands will let you know if the PurpleTeam orchestrator (The first point of meaningful contact behind the AWS ApiGateway) is ready to take orders. Bear in mind though that during this warm-up period even though the orchestrator reports as being ready to take orders the AWS ECS scheduler may still stop and start the crucial stage one containers. So you can only rely on the orchestrator’s responses as being meaningful in regards to starting Test Runs after this initial warm-up period. If you have a scheduled block of scan minutes, PurpleTeam-Labs have scheduled these to start 20 minutes before your requested time. This “should” allow enough time for the AWS ECS scheduler to have your stage one containers in a stable state, if this is not the case please let us know.

Q: When can I start a Test Run

A: This is different for local vs cloud environments, for:

• local: For your first Test Run: As soon as the stage one containers are up (usually less than 10 seconds unless images need to be fetched). For subsequent Test Runs: Once the previous Test Run has completed and the orchestrator has issued it’s orchestrator is ready to take orders. message.
• cloud: For your first Test Run: As soon as AWS ECS considers the stage one Task containing the stage one containers to be stable, this is usually within ten minutes of the EC2 container instances being started from the beginning of your block of scheduled scan minutes. For subsequent Test Runs: Once the previous Test Run has completed and the orchestrator has issued it’s orchestrator is ready to take orders. message. For the cloud environment this period is longer than it is for local because AWS ECS has to destroy stage two Services and their respective Tasks.