Manage your scans

Who has permission to manage scans?

When can I run reports on my scan?

What vulnerabilities do scans check for?

How long are my scan results saved?

Tell me about the ScanTrust option

How can I tell how a scan was launched?

Where can I get scan status?

Tell me about the preview pane

How do I know when a scan is finished?

Tell me about vulnerability status in scan results

Tell me about scan progress

Can I troubleshoot a scan if there's a problem?

Tell me about scan statistics

How do I reproduce QID 150022 Verbose Error Message?

How can I tell if authentication was successful?

Multi-Scan Support - For high volume scanning

Can I schedule scans?

SmartScan Support - For advanced frameworks

Can I cancel a scan after it's launched?

Tell me about configuring default settings

Can I retrieve partial scan data after cancelling an unfinished scan?

Tell me about Form Crawl Scope

Can I view the partial scan data for scans with Service Errors Detected status?

Tell me about the sitemap

How do I download scan results?

Launched a scan but cannot view the scan in the scan list

Can I run my scan again?


Who has permission to manage scans?

A user's permission to launch a scan and view scan results depends on the user’s account settings. The user's role (Manager, Unit Manager or Scanner) determines whether the user can launch scans and edit schedule settings. The user's scope determines which web applications, option profiles, and scanner appliances are available to the user. Learn more

What vulnerabilities do scans check for?

Our KnowledgeBase of vulnerabilities is the largest in the industry and it is available to you at all times. Multiple sources contribute to updating the KnowledgeBase on a continuous basis, including the research of our own Security Engineers. When you launch a vulnerability scan, we'll check for all vulnerabilities if you choose the option profile called "Initial WAS Options". Want to limit the scan to certain vulnerabilities? No problem, just update your option profile before you launch your scan. Go to the KnowledgeBase and create a search list (this is a list of vulnerability QIDs), then edit the option profile you'll use for the scan and select the search list.

Each vulnerability in the KnowledgeBase is assigned a unique ID (QID), a type (vulnerability, potential vulnerability, information gathered) and additional information for classification and tracking. Learn more

Tell me about the ScanTrust option

Enable the ScanTrust option to scan a web application that sits behind a web application firewall (WAF). This gives you visibility into vulnerabilities that the WAF is currently blocking but that have not yet been fixed in the application itself. Those findings matter because the WAF is a compensating control, not a fix. Learn more

Where can I get scan status?

The scan status appears in scan results and reports, and you can see the status of your running and completed scans in the Status column of the scans list. To track the progress of a running scan, hover over the scan in the scan list and choose View from the menu. Learn more

Tell me about scan progress

The scan view shows the scan phases along with the status to give you a clearer picture of scan progress. Once the scan is launched, select View from the Quick Actions menu. You can watch the scan move through the phases it goes through before it is complete; the progress of each phase is displayed:

- Initializing
- Crawling
- Testing
- Finalizing

A progress bar also shows the time elapsed since the scan was launched.

Scan Progress in Scan View window.

Tell me about scan statistics

Scan statistics help you analyze a scan. Once the scan reaches Finished status, select View from the Quick Actions menu to see them. Among the statistics shown are Ajax Links Crawled, Requests Crawled, Timeout Errors and Unexpected Errors.

Scan statistics in Scan View window.

How do I know when a scan is finished?

You'll know when the scan status shows Finished. At this time you can select View from the Quick Actions menu to see an overview of the scan. Then click the View Report button to launch a report of the scan details. If you have notifications turned on you'll get an email. This is especially useful if you logged out of the application or went on to do other things while the scan was running. Learn more

How can I tell if authentication was successful?

The scan preview and results tell you whether authentication was successful. If authentication was successful, the authentication record name appears in green. If not successful, the name appears in red. Learn more

Can I schedule scans?

Yes. In fact it's best practice to set up scheduled scans so that scans run automatically and you receive scan results on a regular basis: daily, weekly or monthly. Regular scan results give you the most meaningful reports and help you lower security risk. Simply go to Scans > Schedules and click New Schedule.

Can I deactivate a schedule?

Can I download my schedules to iCalendar?

Can I cancel a scan after it's launched?

Yes, you can cancel an unfinished scan (including a child scan in a multi-scan). Select the scan in the scans list and choose Cancel from the menu. Results are not returned for scans canceled this way. To get results from a canceled scan, use Cancel Scan with Results instead, or set the cancel option when launching or scheduling the scan. (Note: the Cancel Scan option is enabled only once the scan has been in Running status for 20 minutes.)

Choose the Scan Cancel option to cancel a scan automatically after a period of time (a number of hours) or at a specific time. You can set the cancel option for a new scan, for a child scan of a multi-scan, for a scan schedule, and in a web application's default scan settings.

Can I retrieve partial scan data after cancelling an unfinished scan?  

Yes. Use the Cancel Scan with Results option from the Quick Actions menu to cancel an unfinished scan and keep the partial scan results. (Note: the Cancel Scan with Results option is enabled only once the scan has been in Running status for 20 minutes.)

Cancel Scan with Results option in the quick action menu.

To view the partial data retrieved by the unfinished scan, choose View Report from the Quick Actions menu for a scan with Canceled With Results status. The Cancel Scan with Results option is also available for child scans in a multi-scan.

Can I view the partial scan data for scans with Service Errors Detected status?

Yes. As with scans that have Canceled with Results status, you can view the findings (vulnerabilities, sensitive content and information gathered) for scans with Service Errors Detected status. You see everything that was detected up to the point where the scan was terminated. Findings from these scans appear in the web application report and on the Detections tab.

For a scan with Service Errors Detected status, a finding detected in an earlier scan is not marked Fixed, because the scan did not complete and we cannot tell whether the finding is still present. Instead, the findings history on the Vulnerability Details screen shows a message that the vulnerability was not tested. Treat such findings as still open until a scan of that web application finishes.

How do I download scan results?

You can download the finished scan results in legacy XML from the scans list. Legacy XML is the scan results format created using WAS v1. Go to Scans > Scan List, hover over a scan row and choose Download from the Quick Actions menu. You can view results of a finished scan by choosing View from the Quick Actions menu. You'll see an overview of the scan. Here you can click the View Report button to launch a report of the scan details.

Can I run my scan again?

Yes. Identify the scan you want to run again and choose Scan Again from the Quick Actions menu. We'll do our best to pre-fill the scan settings to match the original scan. We may not be able to pre-fill settings if there were changes in your account, for example if the option profile was renamed. Interested in automated scanning? Go to the Schedules tab and set up a recurring scan schedule for continuous monitoring.

Tell me about the Sitemap

The scan sitemap gives you an interactive view of scan results for a single web application. Just select a scan (from the scans list) and then View Sitemap from the Quick Actions menu. The sitemap lets you explore pages/links scanned, links crawled, vulnerabilities and sensitive content detected, and drill down to see information on nested links. You can select links found to take these actions: create new web applications, and add links to the allow or exclude list for the target web application.

When can I run reports on my scan?

You can run reports on your scan when the status in the scan list is shown as Finished. Just choose View Report from the Quick Actions menu.

How long are my scan results saved?

By default, scan results are Never Deleted. Scan owners have the option to set a storage limit of 1 to 13 months. You define scan storage settings in the WAS application.

How do I configure scan storage?

How can I tell how a scan was launched?

You can tell how each scan was launched by looking at the scans list. Each scan shows one of three launch modes: on demand, scheduled or API. The preview pane also shows the launch mode.

Tell me about the preview pane

The preview pane appears under the scans list when you click a row in the Scans section. The preview displays the target web application, the user who launched the scan and the date and time when the scan was launched and other details. The authentication record name appears in green if successful, in red if not successful. For a discovery scan you'll see the crawling time and number of pages discovered. For a vulnerability scan you'll see the number of vulnerabilities detected and a breakdown of vulnerabilities by severity level. Tip - Hover over the authentication record name for more information.
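The following is an added example, not Qualys code, that pulls together what the scans list and preview pane show (launch mode, status, authentication result) for the sections "Where can I get scan status?", "How can I tell if authentication was successful?", "How can I tell how a scan was launched?" and the preview pane. It assumes the WAS API v3 status call GET /qps/rest/3.0/status/was/wasscan/<id> with HTTP Basic authentication and the element names of its ServiceResponse (data/WasScan with mode, status, launchedBy, target and summary/authStatus). The XML is a constructed sample, and the API spellings of the UI statuses Canceled With Results and Service Errors Detected are assumptions to confirm against your WAS API user guide.

```python
"""Summarize a WAS scan the way the scans list and preview pane do.

Added example, not Qualys code. Endpoint, element names and status
spellings are assumptions; SAMPLE_STATUS_XML is constructed, not captured.
"""
import base64
import urllib.request
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

# UI statuses under which data can be viewed: Finished (full report),
# Canceled With Results and Service Errors Detected (partial data).
# The API spellings are assumptions.
RESULT_BEARING = {"FINISHED", "CANCELED_WITH_RESULTS", "SERVICE_ERROR"}
IN_FLIGHT = {"SUBMITTED", "RUNNING", "CANCELING"}

# Constructed sample response for a scheduled scan with a successful login.
SAMPLE_STATUS_XML = """<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>123456</id>
      <name>Web Application Vulnerability Scan - 2024-05-01</name>
      <type>VULNERABILITY</type>
      <mode>SCHEDULED</mode>
      <status>FINISHED</status>
      <launchedBy><username>acme_user</username></launchedBy>
      <launchedDate>2024-05-01T02:00:00Z</launchedDate>
      <target>
        <webApp><id>987</id><name>Acme Store</name></webApp>
        <webAppAuthRecord><id>55</id><name>acme-store-login</name></webAppAuthRecord>
      </target>
      <summary>
        <authStatus>SUCCESSFUL</authStatus>
        <resultsStatus>SUCCESSFUL</resultsStatus>
      </summary>
    </WasScan>
  </data>
</ServiceResponse>
"""


@dataclass
class ScanSummary:
    scan_id: str
    name: str
    web_app: str
    launched_by: str
    launched_date: str
    mode: str            # ONDEMAND, SCHEDULED or API: the three launch modes
    status: str
    auth_record: Optional[str]
    auth_status: Optional[str]

    @property
    def in_flight(self) -> bool:
        return self.status in IN_FLIGHT

    @property
    def results_available(self) -> bool:
        """True when View Report (or partial data) can be opened."""
        return self.status in RESULT_BEARING

    @property
    def auth_color(self) -> str:
        """Mirror the preview pane: green on success, red otherwise."""
        if self.auth_record is None:
            return "none"
        return "green" if self.auth_status == "SUCCESSFUL" else "red"


def parse_scan_status(xml_text: str) -> ScanSummary:
    """Parse one WasScan status response; raise on an API-level error."""
    root = ET.fromstring(xml_text)
    code = root.findtext("responseCode")
    if code != "SUCCESS":
        detail = root.findtext("responseErrorDetails/errorMessage")
        raise RuntimeError(f"WAS API returned {code}: {detail}")
    scan = root.find("data/WasScan")
    if scan is None:
        raise RuntimeError("no WasScan element in response")
    return ScanSummary(
        scan_id=scan.findtext("id", ""),
        name=scan.findtext("name", ""),
        web_app=scan.findtext("target/webApp/name", ""),
        launched_by=scan.findtext("launchedBy/username", ""),
        launched_date=scan.findtext("launchedDate", ""),
        mode=scan.findtext("mode", ""),
        status=scan.findtext("status", ""),
        auth_record=scan.findtext("target/webAppAuthRecord/name"),
        auth_status=scan.findtext("summary/authStatus"),
    )


def fetch_scan_status(platform: str, username: str, password: str,
                      scan_id: int, timeout: int = 30) -> ScanSummary:
    """Live call (not exercised offline); endpoint and header are assumptions."""
    url = f"https://{platform}/qps/rest/3.0/status/was/wasscan/{scan_id}"
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req = urllib.request.Request(url, headers={
        "Authorization": f"Basic {token}",
        "X-Requested-With": "python urllib",
    })
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_scan_status(resp.read().decode("utf-8"))


def describe(s: ScanSummary) -> str:
    """One line in the spirit of the preview pane."""
    return (f"scan {s.scan_id} '{s.name}' on {s.web_app}: launched {s.mode} by "
            f"{s.launched_by} at {s.launched_date}; status {s.status}; auth "
            f"{s.auth_record or '-'} ({s.auth_color}); results "
            f"{'available' if s.results_available else 'not yet available'}")


if __name__ == "__main__":
    print(describe(parse_scan_status(SAMPLE_STATUS_XML)))
```

Poll with fetch_scan_status until in_flight is False, then act on results_available; a red auth_color on an authenticated scan means the findings cover only the unauthenticated surface and the scan should be treated as incomplete.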

Tell me about vulnerability status in scan results

You'll see the status of detected vulnerabilities in scan reports. We continuously update the status of detected vulnerabilities in your account based on the most recent scan results. Each vulnerability instance is assigned a status: New, Active, Fixed or Reopened.

What does the status mean?
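The following is an added example, not Qualys code, of the status tracking described above and in "Can I view the partial scan data for scans with Service Errors Detected status?". It assumes the conventional transitions between New, Active, Fixed and Reopened (the page lists the statuses but not the rules), models an instance as QID plus URL and parameter, and implements the one rule the page does state: a scan that ended with Service Errors Detected records what it found but never marks an earlier finding as Fixed, noting it as not tested instead. Whether Canceled With Results behaves the same is not stated on the page, so the example takes an explicit scan_completed flag rather than inferring it from the status. The sample findings are constructed; QID 150022 is the one named on this page.

```python
"""Vulnerability instance status after a scan: New, Active, Fixed, Reopened.

Added example, not Qualys code. The transition rules are assumptions except
the Service Errors Detected rule, which the page states.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

NEW, ACTIVE, FIXED, REOPENED = "New", "Active", "Fixed", "Reopened"


@dataclass(frozen=True)
class FindingKey:
    """Identity of one vulnerability instance: QID plus where it was found."""
    qid: int
    url: str
    param: str = ""


def next_status(previous: Optional[str], detected: bool) -> str:
    """Transition after a scan that completed and so actually tested the instance.

    Assumed rules: first detection is New, a detection of an open instance is
    Active, a detection of a Fixed instance is Reopened, and an open instance
    that a completed scan no longer reports is Fixed.
    """
    if detected:
        if previous is None:
            return NEW
        if previous == FIXED:
            return REOPENED
        return ACTIVE
    if previous is None:
        raise ValueError("an instance that was never detected has no status")
    return FIXED


def update_findings(previous: Dict[FindingKey, str],
                    detected: Set[FindingKey],
                    scan_completed: bool) -> Dict[FindingKey, Tuple[str, str]]:
    """Return {instance: (status, "tested" | "not tested")} after one scan.

    scan_completed is False for a scan that ended with Service Errors
    Detected: what it reported is recorded normally, but nothing it did not
    report is marked Fixed, and those instances carry a "not tested" note
    (the message shown in the findings history on the page).
    """
    updated: Dict[FindingKey, Tuple[str, str]] = {}
    for key in set(previous) | detected:
        prev = previous.get(key)
        if key in detected:
            updated[key] = (next_status(prev, True), "tested")
        elif scan_completed:
            updated[key] = (next_status(prev, False), "tested")
        else:
            # Absence from a terminated scan is not evidence of a fix.
            updated[key] = (prev, "not tested")
    return updated


# Constructed state after earlier scans; the QID is the one named on the page.
BASE = "https://app.example.test"
LOGIN = FindingKey(150022, f"{BASE}/login", "user")
SEARCH = FindingKey(150022, f"{BASE}/search", "q")
HOME = FindingKey(150022, f"{BASE}/")
API = FindingKey(150022, f"{BASE}/api/items", "id")
PREVIOUS = {LOGIN: ACTIVE, SEARCH: NEW, HOME: FIXED}


def after_finished_scan() -> Dict[FindingKey, Tuple[str, str]]:
    """A Finished scan reports LOGIN, HOME and a new API instance, not SEARCH."""
    return update_findings(PREVIOUS, {LOGIN, HOME, API}, scan_completed=True)


def after_service_error_scan() -> Dict[FindingKey, Tuple[str, str]]:
    """A Service Errors Detected scan got as far as LOGIN before terminating."""
    return update_findings(PREVIOUS, {LOGIN}, scan_completed=False)


if __name__ == "__main__":
    for label, result in (("finished", after_finished_scan()),
                          ("service error", after_service_error_scan())):
        print(label)
        for key, (status, tested) in sorted(result.items(), key=lambda kv: kv[0].url):
            print(f"  {key.url} [{key.param or '-'}]: {status} ({tested})")
```

When building reports from partial scans, filter on the "not tested" note rather than on status alone: an instance still showing New or Active after a Service Errors Detected scan has not been confirmed either way.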

Can I troubleshoot a scan if there's a problem?

You can troubleshoot most scan problems by viewing the QIDs in the scan results. Learn more

How do I reproduce QID 150022 Verbose Error Message?

You might see this error reported for a web application scan. Click here to learn how to reproduce it.

Multi-Scan Support - For high volume scanning

Our WAS application is the most scalable web application scanning solution available. We've enhanced the ability to support large web application scanning programs by adding the ability to scan any number of web applications as a Multi-Scan. This feature enables you to scan hundreds or even thousands of web applications you may have in your organization with granular insight into what scans are running and which ones are complete.

A couple things to consider...

SmartScan Support - For advanced frameworks

The SmartScan feature provides additional scanning capabilities and techniques for scanning sites that use advanced JavaScript frameworks and/or rely heavily on AJAX calls. To use the SmartScan feature, you need to enable SmartScan in the WAS option profile.

Enable SmartScan Support Option in Scan Parameters.

Enhanced Crawling: Enabling enhanced crawling in the option profile improves scan coverage for your web application. With enhanced crawling enabled, the scanner also re-crawls each individual directory in the paths of links found during crawling, so more links are crawled. Learn more

Tell me about configuring default settings

You can configure default values for scans at the user level: the number of months for which scan data is retained and the default format of the scan title. User default settings always override the subscription default settings.

Simply go to Scans > Defaults to view the current settings. Click Edit to change the values and save your changes.

Define Scan default values.

Tell me about Form Crawl Scope

By default, form uniqueness is calculated from the form field names alone, so two forms with the same fields but different action URIs are treated as one form and only one of them is crawled. Select the "Form Crawl Scope" option and the form action URI is used along with the form fields when calculating uniqueness, so such forms are crawled separately.
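The following is an added example, not Qualys code, showing how the two uniqueness rules change which forms get crawled. It collects forms from constructed HTML pages, computes a uniqueness key either from the sorted field names alone (the default) or from the resolved action URI plus the field names (Form Crawl Scope), and reports which forms the default rule would skip. The pages, URLs and the choice to resolve relative actions against the page URL are assumptions of the example.

```python
"""Form uniqueness with and without Form Crawl Scope.

Added example, not Qualys code. The sample pages are constructed; resolving
the action against the page URL is this example's choice.
"""
from dataclasses import dataclass, field
from html.parser import HTMLParser
from typing import Dict, List, Optional, Tuple
from urllib.parse import urljoin


@dataclass
class Form:
    page_url: str
    action: str                 # resolved against the page URL
    method: str
    fields: List[str] = field(default_factory=list)


class FormCollector(HTMLParser):
    """Collect forms and the names of their input/select/textarea fields."""

    def __init__(self, page_url: str):
        super().__init__()
        self.page_url = page_url
        self.forms: List[Form] = []
        self._current: Optional[Form] = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            action = urljoin(self.page_url, a.get("action") or "")
            self._current = Form(self.page_url, action, (a.get("method") or "get").upper())
        elif tag in ("input", "select", "textarea") and self._current is not None:
            if a.get("name"):
                self._current.fields.append(a["name"])

    def handle_endtag(self, tag):
        if tag == "form" and self._current is not None:
            self.forms.append(self._current)
            self._current = None


def form_key(form: Form, form_crawl_scope: bool) -> Tuple:
    """Default: field names only. Form Crawl Scope: action URI plus field names."""
    fields = tuple(sorted(form.fields))
    return (form.action, fields) if form_crawl_scope else (fields,)


def unique_forms(forms: List[Form], form_crawl_scope: bool) -> List[Form]:
    """Keep the first form seen for each uniqueness key, in crawl order."""
    seen, out = set(), []
    for f in forms:
        key = form_key(f, form_crawl_scope)
        if key not in seen:
            seen.add(key)
            out.append(f)
    return out


def collect_forms(pages: Dict[str, str]) -> List[Form]:
    forms: List[Form] = []
    for url, html in pages.items():
        c = FormCollector(url)
        c.feed(html)
        c.close()
        forms.extend(c.forms)
    return forms


def skipped_by_default(pages: Dict[str, str]) -> List[str]:
    """Action URIs that are only crawled when Form Crawl Scope is on."""
    forms = collect_forms(pages)
    default_actions = {f.action for f in unique_forms(forms, False)}
    return [f.action for f in unique_forms(forms, True) if f.action not in default_actions]


# Constructed pages: two search forms share the single field "q" but post to
# different endpoints, so the default rule collapses them into one form.
SAMPLE_PAGES = {
    "https://app.example.test/home": """
        <form action="/search" method="get"><input name="q"></form>
        <form action="/newsletter" method="post"><input name="email"></form>
    """,
    "https://app.example.test/products": """
        <form action="/products/search" method="get"><input name="q"></form>
        <form action="/login" method="post">
          <input name="username"><input name="password" type="password">
          <input name="csrf" type="hidden">
        </form>
    """,
}

if __name__ == "__main__":
    forms = collect_forms(SAMPLE_PAGES)
    print("default:", [f.action for f in unique_forms(forms, False)])
    print("scope:  ", [f.action for f in unique_forms(forms, True)])
    print("skipped by default:", skipped_by_default(SAMPLE_PAGES))
```

A search handler that is only reachable through the second form is never exercised under the default rule, so enable Form Crawl Scope when an application reuses the same field names across distinct endpoints.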

Launched a scan but cannot view the scan in the scan list

This can happen when the scan list is not sorted by date, so the new scan is not at the top. Go to Scans > Scan List and click the Scan Date column to sort the list by scan date. You can also select the My Scans check box filter in the left panel to show only your own scans.