Follow these instructions to create a network scan profile. The profile that you create can be used for any on demand WAS scans or scheduled WAS scans.
- Login to Security Center.
- Click Scan profiles.
- Click +Create scan profile.
- Under the headline General information enter the following:
- Name: the name of the profile, e.g. Standard scan profile.
- Owner: the owner of the WAS scan.
- Click headline Scan settings
- Under the headline Crawl settings enter the following settings:
- User agent: enter a specific user agent to use during WAS scans. The user agent name will work similar to a name of a web browser.
- Under the headline Performance enter the following settings:
- Scan intensity: Select which scan intensity to use during scans. Default is 30 requests per second. Use drop down to choose a preselected value or you can choose your own value if needed.
- Under the Headline Password brute forcing: When having password brute forcing enabled the scan will try to make login using common usernames and passwords for a number of different services that can be found here:
http://support.holmsecurity.com/hc/en-us/articles/115000454169/ - Under the headline Vulnerability detection enter the following settings:
- Complete: include all vulnerabilities in the database in the WAS scan profile.
- Custom: include categories vulnerabilities and/or specific vulnerabilities in the WAS scan profile.
- Exclude: exclude categories vulnerabilities and/or specific vulnerabilities in the WAS scan profile.
- Under the headline Sensitive content enter the following settings:
- Credit card numbers: checked by default. Uncheck to not scan for this
- Social security numbers: checked by default. Uncheck to not scan for this. You can choose between various social security numbers nationalities.
- Custom content: Enter custom content for the WAS scanner to scan for.
- Under the headline Comments enter the following:
- Comments: Enter specific information you want on you WAS scan profile.
- Click OK.
- Done!
0 Comments