Configure your Scan

Scanning is integral to evaluating the risk to your applications. Scans run attacks on the selected URLs in your app to identify weaknesses that could lead to vulnerabilities. Based on your needs, you can target various sections of your application for weaknesses by configuring scans. To best utilize your scan, you can configure the following scan settings.

  • Scan Scope - Decide which URLs are attacked or crawled.
  • Authentication - Authentication method for logging in to the app.
  • Attack Templates - Pre-configured sets of attacks and performance options.
  • Attack Modules - Modules to include in the scan.
  • Custom Options - Configuration options for Proxy, Performance, HTTP Headers, and more.
  • Advanced - Additional configuration options for the scan template.

A scan configuration, or scan config, is a group of settings you can use to scan a particular app. By creating scan configs, you can save a particular combination of settings and reuse it to scan that app again and again.

Use Case: You want to scan your application's web interface, which is updated regularly, on a weekly cadence, and the associated API, which is updated less frequently, on a monthly basis. Create separate scan configs for the UI and the API and apply a different schedule cadence to each.

Create and Edit a Scan Config

  1. On the All Apps page, click the application where the scan is stored.
  2. On the Scan Configs tab, do one of the following:
    • Click Create New Scan Config.
    • To adjust an existing scan config, click the scan config.
  3. Configure the settings in each tab and sub-section as necessary.
  4. (Optional) On the General tab, enable or disable Scan Incrementally. To reduce redundant vulnerability results, incremental scanning ignores the elements of your site that have not changed since the last scan.
  5. (Optional) On the Attack Templates tab, create or manage attack templates to use in the scan config. We recommend starting with the All Modules attack template for maximum coverage.
  6. Save the Scan Config.
    • Click Save to save and close.
    • Click Save and Scan to save and run the scan.

Copy a Scan Config

You can create a copy of an existing scan config and reuse the settings with minor modifications. You can copy a scan config to the same app that you’re working with already, or copy a scan config to another app altogether.

App access required

You can only copy a scan config to apps you have access to.

  1. Navigate to All Apps and select the app you wish to scan.
  2. On the app screen, select the Scan Configs tab.
  3. In the “Scan Configs” table, select the row with the scan config you want to copy, then click the Copy scan config button.
  4. (Optional) Edit the Scan Config Name. The default name is the original scan config's name with “(Copy)” added.
  5. (Optional) Add a description with the purpose of this scan config.
  6. Click Location and select the target app that will receive the copied scan config. The current app is selected by default.
  7. Click Save Copy.

Delete a Scan Config

You may want to delete scan configs if the associated target has been removed or the web application settings have drastically changed.

Scan configs are permanently deleted

Deleting a scan config is permanent. You will not be able to reuse this scan config.

  1. Go to All Apps and select the app with the obsolete scan config.
  2. On the app screen, select the Scan Configs tab.
  3. Select the row with the scan config you want to delete, then click Delete scan config.
  4. If you are sure you want to delete the scan config, in the warning, click Delete.