Create PCI option profile



Create a PCI option profile in the user's account.

Permissions - A Manager will be able to create option profiles in the subscription. A Unit Manager will be able to create option profiles for users in their business unit.

Input Parameters






(Optional) Specify 1 to view (echo) input parameters in the XML output. By default these are not included.


(Required) The title of the option profile.


(Optional) The owner of the option profile(s), or the user who created the option profile.


(Optional) Share this profile with other users by making it global. Specify 1 to make global.

Are you a Manager? This profile will be available to all users.

Are you a Unit Manager? This profile will be available to all users in your business unit.


(Optional) Specify to 1 to download this profile to your offline scanners during the next sync.


(Optional) Specify 1 to enable parallel scaling. This setting can be useful in subscriptions which have physical and virtual scanner appliances with different performance characteristics (e.g., CPU, RAM).  

Specify this option to dynamically scale up the number of hosts to scan in parallel (at scan time) to a calculated value which is based upon the computing resources available on each appliance. Note that the number of hosts to scan in parallel value determines how many hosts each appliance will target concurrently, not how many appliances will be used for the scan.



Optional) The profile “normal” is recommended in most cases. The settings for scan_external_scanners, scan_scanner_appliances, scan_total_process, scan_http_process, scan_packet_delay, and scan_intensity change as per the specified profile.

Normal - Well balanced between intensity and speed.

High - Recommended only when scanning a single IP or a small number of IPs. Optimized for speed and shorter scan times.

Low - Recommended if responsiveness for individual hosts and services is low. Optimized for low bandwidth network connections and highly utilized networks. May take longer to complete.



(Optional) Specify the number of external scanners to be used for associated scans. This setting is available only if you have multiple external scanners in your subscription. For example, if you have 10 external scanners in your subscription, you can configure this setting to any number between 1 to 10.



(Optional) Specify the number of scanner appliances to scan at the same time (per scan task). Launching several concurrent scans on the same scanner appliance has a multiplying effect on bandwidth usage and may exceed available scanner resources. Don't have scanner appliances? Disregard the Scanner Appliance setting.


Optional) Specify the maximum number of processes to run at the same time per host. Note that the total number of processes includes the HTTP processes.


(Optional) Specify the maximum number of HTTP processes to run at the same time.




(Optional) Specify the delay between groups of packets sent to each host during a scan. With a short delay, packets are sent more frequently. With a long delay, packets are sent less frequently.



(Optional) This setting determines the aggressiveness (parallelism) of port scanning and host discovery at the port level. Lowering the intensity level has the effect of serializing port scanning and host discovery. This is useful for certain network conditions like cascading firewalls and lower scan prioritization on the network. Tip - If you are scanning through a firewall we recommended you reduce the intensity level. Unauthenticated scans see more of a performance difference using this option.


(Optional) Specify 1 to enable scanning dead hosts. A dead host is a host that is unreachable - it didn't respond to any pings. Your scan may run longer if you choose to scan dead hosts.


(Optional) Specify 1 to quickly close vulnerabilities for hosts that are not found alive after a set number of scans. When enabled, we'll mark existing tickets associated with dead hosts as Closed/Fixed and update the vulnerability status to Fixed.



(Optional) Specify the number of times the host is not found alive after which the vulnerability should be closed. This setting is available only when close_vuln_on_dead_hosts=1.


(Optional) Specify 1 to purge host data. This option is especially useful if you have systems that are regularly decommissioned or replaced. By specifying this option you’re telling us you want to purge the host if we detect a change in the host's Operating System (OS) vendor at scan time, for example the OS changed from Linux to Windows or Debian to Ubuntu. We will not purge the host for an OS version change like Linux 2.8.13 to Linux 2.9.4.





(Optional) Specify additional TCP ports to scan. You can specify up to 7 additional ports apart from the 13 standard scan ports used by default: 21-23, 25, 53, 80, 88, 110-111, 135, 139, 443, 445.


Sample - Create PCI option profile

API request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -X POST

"action=create&title=jp pci 333&global=1&offline_scanner=1&external_scanners_use=3&scan_parallel_scaling=1&scan_overall_performance=high&additional_tcp_ports_additional=80,35" ""


XML output

<?xml version="1.0" encoding="UTF-8" ?>





    <TEXT>Option profile successfully added.</TEXT>











<platform API server>/api/2.0/simple_return.dtd