Compliance Scan - Scan Settings

On this page, select the settings for performing a scan.

Authentication

Select an authentication record from the list if authentication is required. Choose from records already defined for your target web application (in the web application settings).

This tells us the access methods and credentials (form and/or server-based) that is used to perform authenticated scanning.

Authentication may be required for our security scanners to access the functionality of your target web application. Tip - You can upload Selenium scripts to your authentication records and we'll use them for authenticating your applications at scan time.

Scanner Appliance 

- Select External for an external-facing application. Perimeter applications can be scanned by Qualys Cloud scanners. 

Cancel Scan 

You can cancel the scan automatically after a defined period or at a specified time. 

By default, the scan runs until it completes or the maximum scan time is reached. 

- To cancel the scan after a certain duration, select Cancel Scan After, and enter number of hours after which the scan should be canceled. 

- To cancel the scan at a specified time, select Cancel Scan At, and select the time or enter the time. 

You can set the cancel scan options while creating or updating the application also. See New API - Default Scan Settings.

Note that canceled scans may return partial, incomplete results.

Email Notification 

Select the Send mail at scan completion check box to send an email upon scan completion, failure, or cancelation, and select the email address from which the email should be sent in the From Address list. All users with permissions to view the target web application will get these emails.

For more information on sending an email notification, see Scan complete email notification.