Select Core to scan for the WAS core set of web application vulnerabilities in the KnowledgeBase.
Select Categories and choose the desired predfined vulnerability categories to define the detection scope.
Select Custom Search Lists to use static or dynamic search lists to define the detection scope. You can select search lists to include and/or search lists to exclude.
Select XSS Power Mode to run a specialized scan that performs comprehensive tests for cross-site scripting vulnerabilities.
Select Everything to scan for all the web application vulnerabilities in the KnowledgeBase.
You may select one or more types of sensitive content detection. Your options are:
Credit Card Numbers - Check for sensitive content based on credit card numbers.
Social Security Numbers - US Format - Check for sensitive content based on social security numbers.
Custom - Check for sensitive content based on custom patterns you specify. Sensitive content for custom checks may be specified as strings and regular expressions in the field provided. You can enter a maximum of 10 custom checks, where each check appears on a separate line. An entry for a single check must be a minimum of 5 characters and a maximum of 100 characters.
Important: Sensitive content detection will be performed only when you scan for QID 150016. If you select Custom in the Detection Scope settings, you must add an "Include" search list that includes QID 150016.