What do the scan profile settings mean?

This article explains the basics of the scan profile settings for web application scanning (WAS).

General Information

Name
Enter the name for the scan profile.

Owner 
The owner of the policy.

Scan Settings

Crawl settings

User agent
The user agent that the scanner uses when it crawls the website.

Maximum crawl requests
The maximum number of crawl requests the scan will perform during the test. The total number of requests that the system will allow is 8.000.

Performance

Scan intensity
There are four settings that determine the number of requests per minute.

  • Low: 10 requests per second
  • Medium: 30 requests per second
  • High: 50 requests per second
  • Custom: a custom value 

Requests per second 
Total requests per second: The recommended number of requests is 30 per minute.

Vulnerability detection

This feature allows you to decide which vulnerabilities to include in or exclude from your WAS scan. You can choose between Complete and Custom.

Exclude
To exclude certain vulnerabilities from your scan, select Complete and search for the category name, vulnerability name or HID.

Custom
If you would rather scan for specific vulnerabilities, select Custom and search for the category name, vulnerability name or HID.

Sensitive content

Sensitive content tests search for information such as credit card numbers and social security or personal identification numbers.

Custom content allows you to type in specific search criteria that the scanner will try to detect.
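
To illustrate what a sensitive content test does, the following added example (not the scanner's own code) searches a constructed response body for credit card numbers, a social security number and one custom search pattern. The function names, the US-style social security number layout, the patterns and the sample data are assumptions made for this illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
# Assumed layout for a US social security number: NNN-NN-NNNN.
SSN_RE = re.compile(r"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)  # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def mask(value: str) -> str:
    """Keep only the last four characters so findings do not leak the data."""
    return "*" * (len(value) - 4) + value[-4:]


def find_sensitive(body: str, custom_patterns=()):
    """Scan one response body; return a list of (kind, value) findings."""
    findings = []
    for m in CARD_RE.finditer(body):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):  # drops order numbers and other random digit runs
            findings.append(("credit_card", mask(digits)))
    for m in SSN_RE.finditer(body):
        findings.append(("ssn", mask(m.group())))
    for pattern in custom_patterns:  # stands in for the "Custom content" criteria
        for m in re.finditer(pattern, body):
            findings.append(("custom", m.group()))
    return findings


# Constructed sample response body (test card number, invented SSN and key).
SAMPLE = """<html><body>
<p>Card on file: 4111 1111 1111 1111</p>
<p>Order ref: 1234 5678 9012 3456</p>
<!-- debug: ssn=000-12-3456 api_key=TEST-KEY-0001 -->
</body></html>"""

if __name__ == "__main__":
    for kind, value in find_sensitive(SAMPLE, [r"api_key=[A-Z0-9-]+"]):
        print(kind, value)
```

The order reference has the same shape as a card number but fails the checksum, so it is not reported; a pattern match alone would have produced a false positive.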

Comments

Comment
The comment section allows you to type in custom content for yourself or your team members. This is useful when creating scan profiles that contain exclusions or other settings.

 

 

 
