Personal scans

A personal scan is a way of evaluating the relative security of an application in development without affecting the overall application scan data or compliance.

After it is run, a personal scan appears in the list of scans for the application, but the scan data is not merged with the rest of the application results. As with a regular scan, you can download reports on personal scans. In the Scan List, a personal scan is identified by the personal scan icon.

Results from personal scans look the same as regular scans in the scan data, but are not consolidated with the issue management pool of results. Therefore, indications such as application compliance are not affected by personal scans.

Create a personal scan

Any scan can be designated a personal scan. In the last step of the configuration, simply select the Run as a Personal Scan check box.
Note: A personal scan is deleted after 30 days, unless you promote it within that time.

Promote a personal scan

To aggregate the results of a personal scan with those of the application as a whole, click Actions > Promote for that scan.

At the end of the process a message tells you how many issues are "New" (issues not previously found in the application data), "Merged" (issues found in both the personal scan and in the application), and "Reopened" (issues found in the personal scan that had been marked Fixed in the application, and have now been reopened).
Note: Issues found by the personal scan that were marked "Fixed" in the application will be reopened when the personal scan is promoted. You may want to review these to verify that they are in fact still open issues in your app.
Note: If you promote a personal scan in an application with a baseline policy dated after the personal scan ran, issues found in the scan will not change the status of the application. This is because the issues are counted from when they were discovered, not when the scan was promoted.