Built-in scan configurations

AppScan Source provides built-in scan configurations. These cannot be modified or removed. Selecting them in the list will allow you to duplicate them or view their settings. Built-in configurations can be accessed in server mode or local mode.

Built-in scan types

Built-in scans are scan configurations that have set parameters and properties to achieve specific scanning goals. The advanced settings listed are from ozsettings (ounce.ozsettings, scan.ozsettings, or others).

AppScan Source includes the following built-in scan types.:
Built-in scan name Quick scan Web scan Normal scan Large scan Virtual scan Large virtual scan Android scan Complete scan
Scan rules Everything X X
User input X X X X X
Web applications X X
Error handling and logging
Environment
External systems X X X
Data store X X X X X
Unusual things X X
File system X
Sensitive data X X
Advanced settings Automatic callback F F D F T T T
Automatic propagator F F D F F F T
CPA T T D T T T T
Display skipping T F D T F F F
Pruning heuristics 100 7 D 100 100 100 7
IPVA per root limit 2 50 D 2 100* 100* 0
Process VM site 2048 2048 D 4096 4096 4096 4096
Prototypical traces 1 0 D 1 1 1 0
Replace SetGetAttribute F T D F T T T
Show info findings F T D F F F T
Single virtual call T T D T F F F
Suppress messages F F D T F F F
Virtual audio callback 0 0 D 0 0 1 0
Virtual call out 0 0 D 0 0 0 0
WAFL global tacin F T D F T T T
Where:
  • D=Default. The setting has not been edited for this scan configuration.
  • F=False. The setting has been edited to false for this scan configuration.
  • T=True. The setting has been edited to true for this scan configuration.

Built-in scan size and speed

The 24 built-in scan types provide a range of common scan details, speed, and size. In general, the scans be be categorized as:
  • Quick
  • Normal
  • Medium-to-large
  • Large
It may seem that larger scans are better scans because they provide more data. This is not always the case.

Depending on the type of data being scanned, and other scan configuration details, larger scans may actually perform shallower analyses to lesses time and/or space resource requirements. Thus it is important to understand what you are scanning for, and the type of findings expected by any scan, whether it is built-in scan configuration or a custom configuration.