Create a Scan Config

The first step in scanning your own application is to create a scan config. A scan config is a group of settings you can use to scan a particular web application. The scan config contains all the required details such as URLs, credentials, and scan instructions for the application to be scanned. By creating a scan config, you can save a particular configuration of options, and use it to scan that application with those options again.

You can create multiple scan configs per application in order to address different needs. For example, you might want to scan your application weekly with the default attack template, and monthly with the SQL Injection and XSS template.

Create a new scan config

Use one of the following methods to create a new scan config:

  • Click the New Configuration link in the "Actions" sidebar of the main window.
  • Click the Configuration > New link from the top level toolbar.
  • Click the New button from the "Scan Configurations" toolbar. All of these methods will start up the scan config wizard, which will enable you to customize and save a new scan config.