Manage your scans

Who has permission to manage scans?

When can I run reports on my scan?

What vulnerabilities do scans check for?

How long are my scan results saved?

Tell me about the ScanTrust option

How can I tell how a scan was launched?

Where can I get scan status?

Tell me about the preview pane

How do I know when a scan is finished?

Tell me about vulnerability status in scan results

Tell me about scan progress

Can I troubleshoot a scan if there's a problem?

Tell me about scan statistics

How do I reproduce QID 150022 Verbose Error Message?

How can I tell if authentication was successful?

Multi-Scan Support - For high volume scanning

Can I schedule scans?

SmartScan Support - For advanced frameworks

Can I cancel a scan after it's launched?

Tell me about configuring default settings

Can I retrieve partial scan data after cancelling a unfinished scan?  

Tell me about Form Crawl Scope

How do I download scan results?

Tell me about the sitemap

Can I run my scan again?

 

Who has permission to manage scans?

A user's permission to launch a scan and view scan results depends on the user’s account settings. The user's role (Manager, Unit Manager or Scanner) determines whether the user can launch scans and edit schedule settings. The user's scope determines which web applications, option profiles, and scanner appliances are available to the user. Learn more

What vulnerabilities do scans check for?

Our KnowledgeBase of vulnerabilities is the largest in the industry and it is available to you at all times. Multiple sources contribute to updating the KnowledgeBase on a continuous basis, including the research of our own Security Engineers. When you launch a vulnerability scan, we'll check for all vulnerabilities if you choose the option profile called "Initial WAS Options". Want to limit the scan to certain vulnerabilities? No problem, just update your option profile before you launch your scan. Go to the KnowledgeBase and create a search list (this is a list of vulnerability QIDs), then edit the option profile you'll use for the scan and select the search list.

Each vulnerability in the KnowledgeBase is assigned a unique ID (QID), a type (vulnerability, potential vulnerability, information gathered) and additional information for classification and tracking. Learn more

Tell me about the ScanTrust option

Enable the ScanTrust option to scan a web application protected by WAF. This lets you get visibility on vulnerabilities that are not yet fixed but blocked by WAF. Learn more

Where can I get scan status?

The scan status appears in scan results and reports, and you can see the status of your running and completed scans in the Status column of the scans list. To track the progress of a running scan, hover over the scan in the scan list and choose View from the menu. Learn more

Tell me about scan progress

We display more information in the scan view to give you a better picture about the scan progress by displaying the scan phases along with the status. Once the scan is launched, go to the quick actions menu and select View. You can view the scan progress and the various phases it undergoes before the scan is completed. We display the progress of each phase for you to know the scan status.

- Initializing
- Crawling
- Testing
- Finalizing

We also display the scan progress bar that tells you the time elapsed since the scan was launched. The elapsed time portrays a clear picture of how long the scan has been in progress from the time it has been launched.

Scan Progress in Scan View window.

Tell me about scan statistics

We display scan statistics to help you analyze your scan in a better manner. Once the scan achieves Finished status, you can select View from quick actions menu and view the scan statistics.  We also display: Ajax Links Crawled, Request Crawled, Timeout Errors, Unexpected Errors for the scan.

Scan statistics in Scan View window.

How do I know when a scan is finished?

You'll know when the scan status shows Finished. At this time you can select View from the Quick Actions menu to see an overview of the scan. Then click the View Report button to launch a report of the scan details. If you have notifications turned on you'll get an email. This is especially useful if you logged out of the application or went on to do other things while the scan was running. Learn more

How can I tell if authentication was successful?

The scan preview and results tell you whether authentication was successful. If authentication was successful, the authentication record name appears in green. If not successful, the name appears in red. Learn more

Can I schedule scans?

Yes. In fact it's best practice to setup scheduled scans so that scans run automatically and you receive scan results on a regular basis - daily, weekly or monthly. Regular scan results give you the most meaningful reports and help you lower security risk. Simply go to Scans > Schedules and click New Schedule.

Can I deactivate a schedule?

Can I download my schedules to iCalendar?

Can I cancel a scan after it's launched?

Yes, you can cancel an unfinished scan (child scan in a multi-scan as well). Just select the scan in the scans list and choose Cancel from the menu. The Results will not be returned for scans canceled in this way. To return results for a cancelled scan, we recommend using the cancel setting when launching or scheduling your scan. (Note: the Cancel Scan option is enabled only after 20 minutes of scan goes into Running status.)

Choose the Scan Cancel option to cancel a scan automatically after some period of time - a number of hours, or at a specific time. You can choose the Cancel Option for a new scan, child scan of a multi-scan and a scan schedule, and for a web application's default scan settings.

Can I retrieve partial scan data after cancelling a unfinished scan?  

Yes, you can use Cancel Scan with Results option from the quick action menu to cancel a unfinished scan and then retrieve the partial scan results. (Note: the Cancel Scan with Results option is enabled only after 20 minutes of scan goes into Running status.)

Cancel Scan with Results option in the quick action menu.

To view the partial data that has been retrieved by the unfinished scan, click View Report from the quick actions menu for scans with Canceled With Results status. The Cancel Scan with Results option is available for child scan in a multi-scan as well.

How do I download scan results?

You can download the finished scan results in legacy XML from the scans list. Legacy XML is the scan results format created using WAS v1. Go to Scans > Scan List, hover over a scan row and choose Download from the Quick Actions menu. You can view results of a finished scan by choosing View from the Quick Actions menu. You'll see an overview of the scan. Here you can click the View Report button to launch a report of the scan details.

Can I run my scan again?

Yes. Identify the scan you want to run again and choose Scan Again from the Quick Actions menu. We'll do our best to pre fill the scan settings to match the original scan. We may not be able to pre fill settings if there were changes in your account like the option profile was renamed. Interested in automated scanning? Go to the Schedules tab and set up a recurring scan schedule for continuous monitoring.

Tell me about the Sitemap

The scan sitemap gives you an interactive view of scan results for a single web application. Just select a scan (from the scans list) and then View Sitemap from the Quick Actions menu. The sitemap lets you explore pages/links scanned, links crawled, vulnerabilities and sensitive content detected, and drill down to see information on nested links. You can select links found to take these actions: create new web applications, and blacklist/whitelist links for the target web application.

When can I run reports on my scan?

You can run reports on your scan when the status in the scan list is shown as Finished. Just choose View Report from the Quick Actions menu.

How long are my scan results saved?

By default, scan results are Never Deleted. Scan owners have the option to set a storage limit of 1 to 13 months. You define scan storage settings in the WAS application.

How do I configure scan storage?

How can I tell how a scan was launched?

You can tell how each scan was launched by looking at your scan list. You'll see one of these launch modes for each scan: on demand,  scheduled or API. The preview pane also shows the launch mode.

Tell me about the preview pane

The preview pane appears under the scans list when you click a row in the Scans section. The preview displays the target web application, the user who launched the scan and the date and time when the scan was launched and other details. The authentication record name appears in green if successful, in red if not successful. For a discovery scan you'll see the crawling time and number of pages discovered. For a vulnerability scan you'll see the number of vulnerabilities detected and a breakdown of vulnerabilities by severity level. Tip - Hover over the authentication record name for more information.

Tell me about vulnerability status in scan results

You'll see the status of detected vulnerabilities in Scan Reports. We continuously update the status of detected vulnerabilities in your account, based on the most recent scan results. Each vulnerability instance is assigned a status - New, Active, Fixed or  Reopened. Look here

What does the status mean?

Can I troubleshoot a scan if there's a problem?

You can troubleshoot most scan problems by viewing the QIDs in the scan results. Learn more

How do I reproduce QID 150022 Verbose Error Message?

You might see this error reported for a web application scan. Click here to learn how to reproduce it.

Multi-Scan Support - For high volume scanning

Our WAS application is the most scalable web application scanning solution available. We've enhanced the ability to support large web application scanning programs by adding the ability to scan any number of web applications as a Multi-Scan. This feature enables you to scan hundreds or even thousands of web applications you may have in your organization with granular insight into what scans are running and which ones are complete.

A couple things to consider...

SmartScan Support - For advanced frameworks

The SmartScan feature provides additional scanning capabilities and techniques for scanning sites that use advanced JavaScript frameworks and/or rely heavily on AJAX calls. To use the SmartScan feature, you need to enable SmartScan in the WAS option profile.

Enable SmartScan Support Option in Scan Parameters.

Enhanced Crawling: The enhanced crawling in your option profile for your scans improves scan coverage for your web application. With the enhanced crawling enabled, more links can be crawled. We will re-crawl individual directories present in the links which are found during crawling. Learn more

Tell me about configuring default settings

You can easily configure default values for scan at the user level. You can configure the number of months for which you want to retain the scan data and default format of the scan title. User default settings will always override the subscription default settings.

Simply go to Scans > Defaults to view the current settings. Click Edit to change the values and save your changes.

Define Scan default values.

Tell me about Form Crawl Scope

By default, we use form field names to calculate form uniqueness. Select "Form Crawl Scope" option and we’ll use form action URI along with form fields for calculating the form uniqueness.