Predefined policies

The Policy files pane at the lower right of Edit test policy dialog lets you select one of the recently used policies, or one of the predefined ones. The predefined policies provide a range of useful policies for common requirements.

Policy name

Description

Default

Includes all tests except invasive and port listener tests.

Application-Only

Includes all application level tests except invasive and port listener tests.

Infrastructure-Only

Includes all infrastructure level tests except invasive and port listener tests.

Third-Party-Only

Includes all third-party level tests except invasive and port listener tests.

Invasive

Includes all invasive tests (tests which might affect the server's stability).

Complete

Includes all AppScan® tests.

Web Services

Includes all REST and SOAP related tests except invasive and port listener tests.

The Vital Few

Includes a selection of tests that have a high probability of success. This can be useful for evaluating a site when time is limited.

Developer Essentials

Includes a selection of application tests that have a high probability of success. This can be useful for evaluating a site when time is limited.

Production Site

Excludes invasive tests that might damage the site, or tests that might result in Denial of Service to other users.
Note: For more information about scanning a live site, see Scanning live production environments.