Scan Configuration Dialog Box

About this task

The Scan Configuration dialog box provides many options for configuring your scans. The main options are also available via the Scan Configuration Wizard, but using the dialog box is recommended when you want to change many of the default settings, or tweak an existing configuration.

Procedure

To open the Scan Configuration dialog box, click the Configuration icon

on the toolbar (or press F10).

The Scan Configuration dialog box has different views, divided into four groups, that are accessed by clicking the relevant item in the view selection pane, on the left-hand side.

Note: If you stop a scan and change the configuration, changes will not affect requests already sent. To apply changes to the entire scan you must start a new scan.

Tip: You can change configuration options in more than one of the views, and then click OK to save all changes. (Your changes are kept as you navigate between the views, but only saved when you click OK.)


View	Select to configure:
Explore
URL and Servers view	Starting URL, system type, and additional servers
Login Management view	Set login method, record a login sequence (optional), and configure in-session detection
Environment Definition view	Provide information about the application environment
Exclude Paths and Files view	Paths and file types to exclude from the scan
Explore Options view	Scan limits, link extraction methods and general Explore method
Parameters and Cookies view	Identify session IDs and list parameters to exclude from the scan
Automatic Form Fill view	Provide AppScan® with valid parameter values for filling forms
Error Pages view	Add strings, regexps and URLs to identify custom error pages
Multi-Step Operations view	Record and manage multi-step operations that are required to reach parts of the application
Content-Based Results view	For applications that do not have a hierarchical URL structure, such as single entry-point applications, define how AppScan arranges the site tree.
Connection
Communication and Proxy view	Configure communication timeout and proxy server settings
HTTP Authentication view	Add server-level authentication and client-side certificates, if required by the application
Test
Test Policy view	Define and edit test policy (which tests are sent to the application)
Test Optimization view	Apply Test Optimization at times in the product lifecycle when a fast scan is more important to you than scan depth.
Test Options view	Additional test options
Privilege Escalation view	Refer AppScan to scans run using different user privileges, to discover privileged resources that are available to users with insufficient privileges
Malware view	Test for malicious links.
General
Scan Expert view	Configure Scan Expert behavior and modules
Advanced Configuration view	Configure advanced scan options