Web Application - Default Scan Settings

Option Profile

Select the default option profile to be used for scanning this web application. Go to CONFIGURATION > Option Profiles to view/edit its settings.

We use the default option profile automatically when users launch or schedule a scan for this web application. The default option profile can be set to any option profile you have permissions to use. If you don't have a WAS option profile in your account, we provide an option profile called "Initial WAS Options" with the recommended settings for web application scanning.

Scanner Appliance

Select the default scanner appliance to be used for scanning this web application. We use the default scanner appliance automatically when users launch or schedule a scan for this web application. The default scanner appliance can be set to:

External (for scanning a web application on a public-facing network)

Individual (for scanning a web application on an internal network. By default, only one internal scanner can be selected.)

Tags (for allocating multiple scanner appliances grouped by one or more asset tags. Select an existing tag or create a new tag. All the scanner appliances that are associated with the selected tags form a scanner pool for the web application.)

Lock this scanner appliance for this web application. Select to lock the selected scanner appliance for scans of this web application. If selected, the scanner appliance specified here cannot be changed when launching or scheduling scans of this web application.

Tell me about the Cancel Option

This option allows you to cancel scans of this web app by default after some period of time: after a number of hours, or at a specific time. You can override this setting per scan and scan schedule if you wish. For example, say you know a certain web application should never be scanned between 10pm and midnight. You could choose to cancel scans of this web app at a time before this window by default.

By default we do not cancel scans. Once a scan is launched it will run until it completes, or the maximum scan time is reached.

Keep in mind that cancelled scans may return partial, incomplete results.

Progressive Scanning

Progressive Scanning adds more scanning capabilities. Progressive Crawling expands the testing coverage for web applications over time. Each scan builds upon the information obtained in previous scans, prioritizing new content areas to expand coverage. Progressive Testing enhances the flexibility of scanning by automatically starting, stopping and resuming scans across your networks without manual intervention. By choosing Progressive Scanning as the default for this web application we'll add to the history of findings in stages, with each scan. You can easily override the default per scan if you want.

Scanning through a Proxy

Easily run web application scanning through a proxy by defining a default proxy for the web app. This way you don't need to select the proxy server in the scan settings and it makes it convenient for all users. Just select a proxy name from the list of proxies available in your account. Want to view (or edit) proxy settings? Go to Configuration > Proxies and then from the Quick Actions menu, click View. Want to add a new proxy? Click New Proxy.