You can launch a new discovery scan from the Scan List tab.
When you scan a web application for the first time, it is recommended to run a discovery scan first. A discovery scan performs information gathered checks (forms detected, external links found, and so on) and sensitive content checks.
Note: No vulnerability checks are performed in a discovery scan.
The discovery scan is a good way to learn where the scan will go and whether there are URIs to be added to exclude list for a vulnerability scan.
To launch a discovery scan, click New Scan > Discovery Scan, and perform the following steps:
1. Add basic details. See Launch Discovery Scan - Basic Information.
2. Configure scan settings. See Launch Discovery Scan - Scan Settings.
3. Review the settings defined and launch the scan. See Launch Discovery Scan - Review and Confirm.
User roles and permissions determine whether users have WAS scan permissions. Several permissions groups are available for the WAS including 3 groups for WAS scans — WAS Scan Permissions, WAS Schedule Permissions, and Scanner Appliance Permissions. For details, Scan permissions.