# Register Web Applications :::info The features covered in this tutorial are only available to organizations that have signed up for the Web application security assessment feature. ::: This document describes how to register a web application with Shisho Cloud and configure an automated security diagnosis. There are three ways to register a web application with Shisho Cloud: - For web applications running on cloud resources integrated with Shisho Cloud - [Register from Attack Surface List](#register-from-as) - [Register from Security Graph](#register-from-sg) - For other web applications - [Register Manually](#register-manually) ## Register from Attack Surface List {#register-from-as} Open the [Attack Surface List](https://cloud.shisho.dev/*/attacksurfaces) to see a list of hosts automatically detected from resources integrated with Shisho Cloud. :::info All hostnames displayed in the Attack Surface List are detected by referring to the configuration of resources integrated with Shisho Cloud. It is possible that not all hostnames will be detected immediately after the external integration is complete. ::: ![Attack Surface List](/docs/_md-assets/40908f5ac1-attack_surface_list.png) Click the "Register" button on the right side to open the sidebar for registering a web application. When creating a web application from the Attack Surface list screen, the hostnames associated with the selected attack surface are specified as the scope. You can change this at this point if necessary. You can also edit it after registering the web application. ![Web Application Registration Screen](/docs/_md-assets/7b194bca90-create_web_application_via_attack_surface_list.png) Fill in the "Application Name" (required) and "Description" (optional) fields, then click "Register" in the lower right corner of the screen to register the web application. ## Register from Security Graph {#register-from-sg} If a resource that is an attack surface is included in the Security Graph, you can register a web application directly from the Security Graph. As a straightforward example, open the Security Graph page of the resource on which the web application you want to register is running. ![Security Graph Page](/docs/_md-assets/f7e85e5afd-security_graph_page.png) The nodes drawn in red on the Security Graph have detected attack surfaces. Left-click on a red node to display detailed information about the node on the left side, which contains a section called Attack Surface. Click on "Register Application" at the bottom right of the section to display a modal for registering the web application. ![Web Application Registration Modal](/docs/_md-assets/5432b2cf0a-create_web_application_via_security_graph.png) You can also register a web application from the menu that appears when you right-click on a red node. ![Context Menu](/docs/_md-assets/4e494b183f-security_graph_node_context_menu.png) ## Register Manually {#register-manually} First, open the [Web Application List](https://cloud.shisho.dev/*/applications) and click the "Register Application" button in the upper right corner. In the "Scope" field of the Add Application screen, specify the URL to be diagnosed. ![Add Application Screen](/docs/_md-assets/56d6c7d07e-register-web-application.png) After filling in the required information, click the "Register" button to register the web application. Next, proceed to the [Collect Target Endpoints](/docs/g/getting-started/register-web-applications/collect-endpoints/index.md) procedure.