Docs
Start typing to search…

Modern Scan

Testing your targets

Introduction

This page describes a modern approach to scanning, that greatly saves time and resources. It's possible because of dividing the scanning process into two separate and independent parts:

  • Discovery – is a process of finding entrypoints. This should be made once, since a target is not changed. Base methods of getting entrypoints remain the same: Crawling, uploading a .HAR file, or API schema. Additionally, you can add a single Entrypoint manually. Learn more about how to create a Discovery.
  • Testing – is a process of exploiting a target with a preconfigured number of tests. Separating a discovery process allows users to run scans with manually chosen entrypoints. Also, it decouples the quality of findings from the API schema file.

Benefits

  • Faster onboarding of targets: Time is saved from not having to run discovery on every scan.
  • Reduced testing time: You can only scan the new or modified entrypoints, resulting in less time needed to complete the scan.
  • Entrypoint editor and Baseline value manager: Allows fixing baseline value issues and connectivity problems significantly faster.
  • Increased scan stability and predictability: Scan results will be more predictable since there is no crawling process during every new scan.
📘

Note:

Legacy scanning is still available, to use it, click Discover Entrypoints in the New Scan dialogue.

How to get Entrypoints

To start a new scan, you will need an entrypoint or a list of them. Either run a discovery or add entrypoints manually.

How to test

Once you have entrypoints in the Project to work with, you can select them as part of defining a new scan. This can be done in two ways:

  1. Click New ScanTargetsSelect known Entrypoints from the Project+ Select Entrypoints.
  2. Open ProjectsEntrypoints tab → Add all to selection (or select only the ones you want to scan) → Create new scan.

How to fix connectivity problems

Some entrypoints might have connectivity problems, which can be fixed using the in-app Entrypoint editor. To learn how to fix connectivity problems, see the article.

How to manage issues

To manage found issues and review the history of entrypoint issues over time, use the following pages:

  • Entrypoint Summary – contains the information about each entrypoint, and allows users to manage it.
  • Issue Summary – contains the information about the issue itself, providing the history of scanning to track it. To learn how to use the issue Summary, see the article.

Updated 28 days ago

What’s Next