Personal scans
A personal scan is a way of evaluating the relative security of an application in development without affecting overall application scan data (issues, for example) or compliance.
A personal scan appears in the list of scans for the application, but issues found in personal scans are not merged with the rest of the application results. Just as with a regular scan, you can download reports on personal scans.
Create a personal scan
Promote a personal scan
To add the results of a personal scan to the results for the application as a whole, from the ellipsis menu for the personal scan, select .
How ASoC handles the issues in the personal scan depends on the following scenarios:
Scenario | Action | Issue attributes merged from personal scans |
---|---|---|
The personal scan has an issue not previously found in the application. [1] | ASoC adds the issue from the personal scan to the application, carrying with it all information from the personal scan. | All attributes, except comments. |
An issue exists in both the personal scan and the application, with these conditions: | ASoC merges the issue from the personal scan with the existing issue in the application results and refreshes issue status to Reopened. [1, 2] | No attributes. For example, comments are lost. However, properties such as last found date are carried over. |
An issue exists in both the personal scan and the application, and the current application scan is newer than the personal scan. | ASoC merges the issue from the personal scan with the existing issue in the application results with no change to issue status. | No attributes. For example, comments are lost. |

1. New and reopened issues could impact application compliance. Baseline policy may also impact application compliance.
2. Issues are counted from when they were discovered, not when the scan was promoted.