A static search list includes a list of WAS QIDs that you define. Only web application vulnerabilities can be included in the web application search list. You can perform a search of the KnowledgeBase to find the QIDs you want to include in the list or manually type or paste in list of QIDs.
When a static search list is used the QIDs saved in the search list are included (or excluded)in the action. For example, when a static search list of included in an option profile and applied to a scan, our service performs vulnerability tests only for the QIDs defined in the static search list.
To create a static search list, click New Search List > Static List, and follow the simple steps:
1) Add basic details. See Static Search List - List Details
2) Add QIDs to be included in the search list. See Static Search List - QIDs
3) Add comments to be associated to the search list. See Static Search List - Comments
4) Review the settings defined and create the search list. See Static Search List - Review and Confirm
User roles and permissions determine whether users have WAS Configuration Permissions; there are individual permissions for creating, editing and deleting search lists and the other WAS configurations. For details, checkĀ Configuration permissions.