Modern Scan
One of the challenges of doing scanning in a Legacy way is that discovery and testing are mixed. As a result, it’s hard to analyze the particular issues, which can affect the scan resiliency and predictability. Also, this approach takes more time and it’s not consistent.
Solution
This page describes a modern approach to scanning, that greatly saves time and resources. It's possible because of dividing the scanning process into two separate and independent parts:
- Discovery – is a process of finding entrypoints. This should be made once, since a target is not changed. Base methods of getting entrypoints remain the same: Crawling, uploading a .HAR file, or API schema. Additionally, now it's possible to add a single entrypoint manually. Learn more about how to create a Discovery.
- Testing – is a process of exploiting a target with a preconfigured number of tests. Separating a discovery process allows users to run scans with manually chosen entrypoints. Also, it decouples the quality of findings from the API schema file.
Benefits
- Faster onboarding of targets: While downloading a new schema, only the difference between the old and new schema should be fixed. And it will work while the target remains the same.
- Reduced testing time: E.x. then you have an interrupted scan with 97 tested entrypoints out of 100, you don't need to scan it again, you can select the remaining manually.
- Entrypoint editor and Baseline value manager: allows fixing baseline value issues and connectivity problems significantly faster.
- Increased scan stability and predictability: scan results will be more predictable since there is no crawling process during every new scan
Note:
Legacy scanning is still available, to use it, click Discover Entrypoints during a scan in a New Scan dialogue.
How to get entrypoints
To start a new scan, you will need an entrypoint or a list of them.
- Crawler - Bright can crawl your web application to define the attack surface. This option does not require any details that might get you tangled. To run a security scan using a crawler, you simply need to specify the target URL in the URL field. Learn more about a Crawler.
- .HAR-file - An HTTP Archive File (.HAR file) is a recorded session of user interaction with an application. The .HAR file keeps all the HTTP requests and responses between the web client and web application.
You can use a pre-recorded .HAR file when running a security scan. Using the data contained in the .HAR file, Bright defines the attack surface and ensures complete coverage of the scan scope. Learn more about .HAR-files in Bright. - API Schema - Bright supports the following versions of the API schemas: Swagger 2+, OpenAPI 3+, Postman 2+. You don't need to have an ideal API-schema, you can upload the one that you have. All you need to do is to fix it once. Learn more about API Schemas.
- Add a single Entrypoint - you can manually add a single Entrypoint using an in-app tool, and then fix it in case if it has connectivity problems. Learn more about how to add fix Entrypoints.
How to test
Once you have entrypoints in the Project to work with, you can select them as part of defining a new scan. This can be done in two ways:
- Click New Scan → Targets → Select known Entrypoints from the Project → + Select Entrypoints.
- Open Projects → Entrypoints tab → Add all to selection → Create new scan
How to fix connectivity problems
Some entrypoints might have connectivity problems, which can be fixed using the in-app Entrypoint editor. To learn how to fix connectivity problems, see the article.
How to manage issues
To manage found issues and review the history of entrypoint issues over time, use the following pages:
- Entrypoint Summary – contains the information about each entrypoint, and allows users to manage it. To learn how to use the Entrypoint Summary, see the
- Issue Summary – contains the information about the issue itself, providing the history of scanning to track it. To learn how to use the issue Summary, see the article.
Updated over 1 year ago