Scan menu

Used to control the scan.

Command

Click to:

Full Scan

Start a full scan (Explore and Test stages) or continue a paused scan.

Pause

Pause current scan (whether Full Scan, Explore Only or Test Only). You can resume the scan later. You can also save a paused scan to continue at another time.

Re-Scan >
Rerun the current scan or scan stage. Select one of the sub-menu items:
  • Re-Scan Full (Explore + Test): Clear scan results, and run a full scan using the current configuration.
  • Incremental: Clear scan results, run a full Explore stage, and then:
    • Test only new parts of the application, or
    • Test new parts of the application and resend tests that revealed a vulnerability in the original scan - to those parts of the application where the vulnerability was found.
  • Re-Explore: Clear scan results and run an Explore stage only using the current configuration.
  • Re-Test: Clear Test results and run a new Test stage using the current configuration and Explore results.

Explore Only

Run an Explore stage only, without following it with the Test stage.

Manual Explore
Explore your site manually. Options are:
  • Chromium browser
  • IE browser
  • External browser (if configured)
  • External Client >
    • Postman
    • SoapUI
    • Other

For details, see Manual exploring.

Test Only

Run a Test stage only (or continue a Test that was paused), without first running an Explore stage. This option is active only when there are already some Explore results.

Re-Test Issues Found

This option sends only the tests that revealed issues. This is a quick way of seeing whether issues found in the last scan have been fixed.

Clear All Scan Data

Delete all Explore and Test results, keeping only the Scan Configuration.

Change Host/Scheme/Port

If you have already recorded a login, multi-step operations, and/or a Manual Explore - and then the host, scheme or port of your Starting URL changes - requests and responses in these recordings must be updated and verified. Click Scan > Change Host/Scheme/Port to open a dialog box from which you can change the URL, and get AppScan to automatically update, verify and confirm the necessary changes.

The dialog box shows the steps being performed, and indicates when each step is successful. If the update process does not complete successfully, the dialog box indicates which step failed, and gives you the option to save the changes and proceed manually, or undo all changes.
Important: In some cases AppScan may update responses incorrectly, and part or all of the scan will fail. If that happens you will need to re-record the problematic procedures.
Note: Although Manual Explore data is updated, Automatic Explore data, and scan results, are deleted when you change the Starting URL.
Note: This option can be used to change only the host, scheme, or port of only the Starting URL. If you need to make other changes to the Starting URL, or change the host, scheme or port for one of the Additional Domains in the scan, you cannot use this option. Instead, save the scan as a template, and use that to create a new scan.

Scan Configuration

Define the properties of a scan. See Scan Configuration Dialog Box