Non-vulnerables
During a scan, AppScan® sends many thousands of test variants to the site it is testing. The responses to many of these indicate that they do not pose a security threat of any kind, and by default AppScan® discards all these "non-vulnerable" results.
- Non-vulnerables are not displayed by default. You can configure AppScan® to save all non-vulnerables and dipslay them if required by enabling the Save non-vulnerables information checkbox from the Test options.
- Once enabled, after the scan completes, the Non-vulnerables list is displayed on the Navigation bar.
- Tests originally identified as non-vulnerable but later marked as vulnerable can only be reverted to non-vulnerables.