Allowlist and Manage Targets

Before you create an app or create a scan config, you should verify that you have added the target domains you want to scan to the allowlist. Domains that have not been allowlisted cannot be scanned.

You can add domains to the allowlist from the Targets page, which is accessible from the left menu.

Allowlist or Add Target Domains

Allowlisting target domains is a critical step for creating a scan config. Domains need to be allowlisted before you can add them to an app or configure a scan.

To allowlist target domains:

  1. From the left menu, go to the Targets page.
  2. When the Targets page appears, click the Add Targets button.
  3. When the Add Targets page appears, input each target domain you want to allowlist. To bulk add multiple target domains, enter each one on a new line. The URL should be formatted like: protocol://subdomain.domain.com/subdirectory. Only the domain is required. Protocols and subdirectories will be removed during scanning.

Enable or Disable Target Domains

Target domains can be enabled or disabled as needed. Only active domains can be added to a scan config or app. If you attempt to add an inactive target domain, you will be prompted to allowlist it. All newly allowlisted target domains are enabled by default, unless configured otherwise.

To enable or disable a target domain:

  1. From the left menu, go to the Targets page.
  2. When the Targets page appears, find the target domain you want to modify.
  3. Toggle the Enable button on or off.

Disabled Target Domains

If you are disabling a target domain, existing scan configs may be affected. Check your scan configs to ensure that the target domains can be disabled.

Delete Target Domains

Target domains that you no longer need can be deleted. Targets can only be deleted if no scans have been run against it.

If you are deleting a target domain, existing scan configs that use it may be affected. Check your scan configs to ensure that the target domains can be deleted.

To delete a target domain:

  1. From the left menu, go to the Targets page.
  2. When the Targets page appears, find the target domain you want to modify.
  3. Toggle the Enable button on or off.