Personal scans

A personal scan is a way of evaluating the relative security of an application in development without affecting overall application scan data (issues, for example) or compliance.

A personal scan appears in the list of scans for the application, but issues found in personal scans are not merged with the rest of the application results. Just as with a regular scan, you can download reports on personal scans.

In the Scan List, a personal scan is identified by the personal scan icon. Results from personal scans look the same as results from regular scans in the scan data, but are not consolidated with the issue management pool of results. Therefore, indications like application compliance are not affected by personal scans.
Note: Personal scans do not appear in the SCA tab.

Create a personal scan

Any scan can be designated a personal scan. In the last step of the configuration, select the Run as a Personal Scan check box.
Note: A personal scan is deleted after 30 days, unless you promote it within that time.

Promote a personal scan

To add the results of a personal scan to the results for the application as a whole, from the ellipsis menu for the personal scan, select Promote.

Note: You must have appropriate user permissions to promote a personal scan.

How ASoC handles the issues in the personal scan depends on the following scenarios:

Table 1.

Scenario: The personal scan has an issue not previously found in the application. (See note 1.)
Action: ASoC adds the issue from the personal scan to the application, carrying with it all information from the personal scan.
Issue attributes merged from personal scans: All attributes, except comments.

Scenario: An issue exists in both the personal scan and the application, with these conditions:
  • The personal scan is newer than the current application scan, AND
  • The issue is marked as Fixed in the application.
Action: ASoC merges the issue from the personal scan with the existing issue in the application results and refreshes issue status to Reopened. (See notes 1 and 2.)
Issue attributes merged from personal scans: No attributes. For example, comments are lost. However, properties such as last found date are carried over.

Scenario: An issue exists in both the personal scan and the application, and the current application scan is newer than the personal scan.
Action: ASoC merges the issue from the personal scan with the existing issue in the application results with no change to issue status.
Issue attributes merged from personal scans: No attributes. For example, comments are lost.

Notes:
  1. New and reopened issues could impact application compliance. Baseline policy may also impact application compliance.
  2. Issues are counted from when they were discovered, not when the scan was promoted.