Incremental scans
An Incremental scan can save time by utilizing the results of an
earlier scan, and testing either
- New parts of the application and also those parts of the application where an issue was previously found, or
- Only new parts of the application
Tip: Incremental
scanning can be very useful if you want to run frequent and faster scans, but it is
recommended to run full scans from time-to-time, in case new bugs occur in previously
error-free parts of the site.
To run an incremental scan:
- Open a full scan (that is, one that includes both Explore and Test stages) that you want to use as the base for the re-scan.
- Click File > New scan > Incremental
- In the dialog box that appears, select the base scan, and add password if needed.
- Select the type of scan you want:
- Retest for previously found issues: Tests new parts of the application and
also resends tests that revealed a vulnerability in the original scan (to those
parts of the application where the vulnerability was found).Note: When retesting for issues that were found in the base scan, only the specific test variants that revealed the vulnerability are sent, so testing is still kept to a minimum.
- Don't retest: Tests only new parts of the application.
Note: When you start the scan, unsaved results are discarded, so make sure you save them if needed. - Retest for previously found issues: Tests new parts of the application and
also resends tests that revealed a vulnerability in the original scan (to those
parts of the application where the vulnerability was found).
- Click Start.
To run an incremental scan from the command line:
- See Exec command
Incremental scan results
- The base scan results are not shown in the user interface, only the results of the Incremental scan, when obtained.
- Counters on the Application tree and Results list indicate total issues found
(a)
and total New issues(b)
, in the format:[Issue name] (a) b New
- The Status bar indicates when the current scan is Incremental.