Document DAST saved scans feature

doc/user/application_security/dast/index.md

@@ -733,9 +733,10 @@ the scan. You must start it manually.
 
 An on-demand DAST scan:
 
-- Uses settings in the site profile and scanner profile you select when you run the scan,
-  instead of those in the `.gitlab-ci.yml` file.
+- Can run a specific combination of a [site profile](#site-profile) and a
+  [scanner profile](#scanner-profile).
 - Is associated with your project's default branch.
+- Is saved on creation so it can be run later.
 
 ### On-demand scan modes
 
@@ -743,8 +744,8 @@ An on-demand scan can be run in active or passive mode:
 
 - _Passive mode_ is the default and runs a ZAP Baseline Scan.
 - _Active mode_ runs a ZAP Full Scan which is potentially harmful to the site being scanned. To
-   minimize the risk of accidental damage, running an active scan requires a [validated site
-   profile](#site-profile-validation).
+  minimize the risk of accidental damage, running an active scan requires a [validated site
+  profile](#site-profile-validation).
 
 ### Run an on-demand DAST scan
 
@@ -753,19 +754,75 @@ You must have permission to run an on-demand DAST scan against a protected branc
 The default branch is automatically protected. For more information, see
 [Pipeline security on protected branches](../../../ci/pipelines/index.md#pipeline-security-on-protected-branches).
 
-To run an on-demand DAST scan, you need:
+Prerequisites:
 
 - A [scanner profile](#create-a-scanner-profile).
 - A [site profile](#create-a-site-profile).
 - If you are running an active scan the site profile must be [validated](#validate-a-site-profile).
 
+To run an on-demand scan, either:
+
+- [Create and run an on-demand scan](#create-and-run-an-on-demand-scan).
+- [Run a previously saved on-demand scan](#run-a-saved-on-demand-scan).
+
+### Create and run an on-demand scan
+
 1. From your project's home page, go to **Security & Compliance > On-demand Scans** in the left sidebar.
 1. In **Scanner profile**, select a scanner profile from the dropdown.
 1. In **Site profile**, select a site profile from the dropdown.
-1. Click **Run scan**.
+1. To run the on-demand scan now, select **Save and run scan**. Otherwise select **Save scan** to
+   [run](#run-a-saved-on-demand-scan) it later.
+
+The on-demand DAST scan runs and the project's dashboard shows the results.
+
+#### List saved on-demand scans
+
+To list saved on-demand scans:
+
+1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select the **Saved Scans** tab.
+
+#### View details of an on-demand scan
+
+To view details of an on-demand scan:
+
+1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage** in the **DAST Profiles** row.
+1. Select the **Saved Scans** tab.
+1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Edit**.
+
+#### Run a saved on-demand scan
+
+To run a saved on-demand scan:
+
+1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage** in the **DAST Profiles** row.
+1. Select the **Saved Scans** tab.
+1. In the scan's row select **Run scan**.
 
 The on-demand DAST scan runs and the project's dashboard shows the results.
 
+#### Edit an on-demand scan
+
+To edit an on-demand scan:
+
+1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage** in the **DAST Profiles** row.
+1. Select the **Saved Scans** tab.
+1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Edit**.
+1. Edit the form.
+1. Select **Save scan**.
+
+#### Delete an on-demand scan
+
+To delete an on-demand scan:
+
+1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage** in the **DAST Profiles** row.
+1. Select the **Saved Scans** tab.
+1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Delete**.
+1. Select **Delete** to confirm the deletion.
+
 ## Site profile
 
 A site profile describes the attributes of a web site to scan on demand with DAST. A site profile is