Search lists are custom lists of WAS related vulnerabilities that you can apply to an option profile for scanning or to report settings. You can configure both static and dynamic lists and use them to include and/or exclude WAS related vulnerabilities in scans or web application reports.
Go to Configuration > Search Lists. From the New List menu, choose Static List or Dynamic List. When you choose Static List you'll be prompted to pick the specific WAS QIDs you want to include in the list. When you choose Dynamic List you'll be prompted to choose the criteria that defines the WAS related vulnerabilities you want to include. We'll find matching QIDs for you.
Dynamic search list | Static search list
You can use search lists to limit a vulnerability scan to only a select list of QIDs or to scan only for vulnerabilities of a particular type or severity range. You can also use search lists to exclude vulnerabilities from scans. Simply add your search lists to the option profile you want to use for the scan.
Go to Configuration > Search Lists. Hover over the search list, choose Edit from the Actions menu and use the wizard to edit the settings. Tip - Turn on help tips in the wizard title bar to view online help when you hover over the settings.
User roles and permissions determine whether users have WAS Configuration Permissions; there are individual permissions for creating, editing and deleting search lists and the other WAS configurations. Learn more
By applying tags to a search list you enable users to access the list. Any user with a matching tag in their scope will have access to your search list.
Want to define tags? It's easy - just go to the Asset Management (AM) application.
The preview pane appears under the list when you click anywhere in a search list row. The preview displays the number of option profiles using the search list, the name of the user who last updated the search list, the date and time of the update and the last comment added.