Non-vulnerables

During a scan, AppScan® sends many thousands of test variants to the site it is testing. The responses to many of these indicate that they do not pose a security threat of any kind, and by default AppScan® discards all these "non-vulnerable" results.

  • If necessary, you can configure AppScan® to save all non-vulnerables
  • Tests originally identified as non-vulnerable but later marked as vulnerable can be reverted to non-vulnerables.

Saving non-vulnerables information

Defining issues as non-vulnerables

Non-vulnerables list