Manage Scan Configs

You can perform operations like copying and deleting your scan configurations from the “Scan Configs” screen of an app.

Copy Scan Config

You spend a considerable amount of time refining scan configs to ensure scans have the desired coverage, have the correct authentication credentials, and run as quickly as possible. Once you have done this, you may want to scan the targets with a different attack module, or scan a different area of your web application with the same settings.

InsightAppSec allows you to create a copy of an existing scan config and reuse the settings with minor modifications. You can copy a scan config to the same app that you’re working with already, or copy a scan config to another app altogether.

To copy a scan config:

  1. Navigate to All Apps and select the app you wish to scan.
  2. On the app screen, select the Scan Configs tab.
  3. In the “Scan Configs” table, select the row with the scan config you want to copy, then click the Copy scan config button.
  4. The “Copy Scan Config” screen will appear. The “Scan Config Name” will default to the name of the original scan config with “(Copy)” added to the name. Modify this name if you like.
  5. Optionally add a description with the purpose of this scan config.
  6. Click the dropdown menu under “Location” to select the target app that will receive the copied scan config. This dropdown defaults to the current app.

When copying a scan config to the same app, you’ll have the option to include files and credentials for scan scope and authentication. Checking these corresponding boxes means that your copied scan config will retain all settings from the Scan Scope and Authentication tabs that appear in the original scan config.

If you elect to uncheck these boxes, note that some options that exist in the Custom Options > Advanced Options tab will carry over if they contain settings related to scan scope or authentication if they do not exist in their respective tabs. For example, unchecking the Scan Scope box causes any settings related to scan scope in Advanced Options that do not also exist in the Scan Scope tab to copy over to the new scan config. The same behavior applies to the Authentication box.

Scan scope and authentication options will not be available and are functionally excluded if you are copying the scan config to a separate app. However, the same Advanced Options behavior mentioned previously also applies to this scenario.

NOTE - App access required

You can only copy a scan config to apps you have access to.

  1. After you finish applying your copy settings, click the Save Copy button. The new scan config will appear in the “Scan Configs” table of the app that you specified.

Delete Scan Config

You may want to delete scan configs if the associated target has been removed or the web application settings have drastically changed.

To delete a scan config:

  1. Go to All Apps and select the app with the obsolete scan config.
  2. On the app screen, select the Scan Configs tab.
  3. In the “Scan Configs” table, select the row with the scan config you want to delete, then click the Delete scan config button.
  4. You will see a warning that the delete process cannot be undone. If you are certain about deleting the scan config, click the Delete button. The scan config will disappear from the “Scan Configs” table.