Test Optimization

Test Optimization lets you take advantage of our ongoing statistical analysis for a faster scan.

About this task

A full regular AppScan Standard scan typically sends thousands of tests and may take hours, in some cases days, to complete. During the early stages of development, or for a quick overall evaluation of the current security posture of your product, you can use Test Optimization to get the results you need in a shorter time frame, by choosing a balance between speed and issue coverage. There are three levels of optimization, and the table below shows some suggested use case for each level.

Our intelligent test filters are based on statistical analysis, and filter out certain tests – or even specific test variants – to produce a shorter scan that identifies the more common, severe and otherwise important vulnerabilities only. AppScan fix packs and ifixes keep you up-to-date with the latest optimization filters. Using Test Optimization can greatly reduce overall scan time when fast results are more important to you than a thorough, in-depth scan.

Procedure

  1. Select the option you need (if in doubt, leave the default option):
    Setting Vulnerability coverage* Test stage speed Suggested use
    No optimization Maximum Full length scan (as configured) For security experts before a major releases, compliance testing, and benchmarks, when a longer scan will not interrupt your development workflow. With this setting all issues in the selected Test Policy are tested for.
    Fast (default) ~97% Up to twice as fast For security experts for their more frequent scans.
    Faster ~85% Up to five times as fast For DevSecOps, during ongoing evaluation.
    Fastest ~70% Up to ten times as fast For Dev and QA during initial evaluation.
    Important: The values shown in the table above are estimates based on some typical applications, but the actual reduction in scan time and extent of issue coverage will vary depending on your specific application.
  2. Click Next to proceed to the final stage of the wizard.

What to do next

Complete