General Settings
The General Settings page allows you to customize permissions and functions for Acunetix 360 based on your preferences. The table below explains the options available on this page.
How to update General Settings
- Select Settings > General from the left-side menu.
- If you're using Acunetix 360 On-Demand, select the relevant checkboxes. For Acunetix 360 On-Premises, fill out the fields and select the relevant checkboxes.
- Click Save.
NOTE: The availability of these settings varies depending on the system version and the user's privileges. |
Field | Description |
Settings available in Acunetix 360 On-Premises only | |
Application URL | This is the URL that will be used to generate all system URLs. |
Update Server URL | This is the URL that will be used to connect for updates. It has a static value that cannot be changed. |
Enable Discovery Service | Enable this option for scan to include application and service discovery. It is enabled by default. |
Discovery Service URL | This is the directory path where discovery service data is stored. If you change this path, you should move the existing files from the old location to the new one. |
Scan Data Path | This is the directory path where scan data is stored. If you change this path, you should move the existing files from the old location to the new one. |
Screenshots Path | This is the directory path where screenshots are stored. If you change this path, you should move the existing files from the old location to the new one. |
Agent Data Path | This is the directory path where agent installation files and agent request logs are stored. If you change this path, you should move the existing files from the old location to the new one. |
Max Upload File Size in MB | This is the maximum uploaded file size in megabytes. This setting sets the maximum uploaded file size for Client Certificate, Import Links, Import Websites, Custom Fields in Integrations, Scan Policy, and importing License File. |
Sales Contact Email | This is the email address of your Sales Contact at Acunetix. |
Support Contact Email | This is the email address of your Support Contact at Acunetix. |
Agent Not Available Timeout (Minutes) | This lets you set a timeout in minutes to mark agents as Not Available when they remain non-responding longer than the specified time. |
Agent Selection Enabled | Enable this option to allow users to select an Agent (a service application that executes scans) when launching a scan. It is enabled by default. |
Enable AcuMonitor URL Configuration | Enable this option to configure the AcuMonitor URL. If enabled, you can enter the AcuMonitor URL and validate AcuMonitor and DNS Settings. If changed, you can select the Update all scan policies option to apply the change to all scan policies. |
Help Invicti make our products and services better by automatically sharing diagnostics and usage data | The share usage analytics setting is automatically enabled to allow anonymous sharing of diagnostics and user data with our analytics partner, Pendo. |
Enable Segment Tracking | Enable this option to let Acunetix 360 track your usage. If enabled, you need to enter the key into the Segment Key field. This is optional and is subject to the legal agreement between your organization and Invicti Security. |
Impersonation Settings (available only in Acunetix 360 On-Demand) | |
Support can see my account | This enables Acunetix support to see your account. |
Support can edit my account | This enables Acunetix support to edit your account. |
Advanced Settings | |
Disable issue notifications that are sent by the system | Enable this option to disable Issue notifications that are sent by Acunetix 360. |
Do not mark Information issues as accepted risks | Enable this option to prevent Information Issues from being automatically marked as Accepted Risk. |
Disable assigning issues to the committer | Enable this option to disable the assigning of Issues to the committer during scans triggered by any Continuous Integration System. Disabling this setting means that Issues are assigned to the Technical Contact. |
Send notifications about long-running scans | Enable this option to receive notifications from the system about long-running scans. It is enabled by default. This is available in the Acunetix 360 On-Premises edition only. |
Force agents to use Invicti web application VDB file URL | Instead of configuring proxy settings for services.invicti.com, enabling this option allows agents to utilize the Invicti web application as a Vulnerability Database (VDB) source. |
Allow assignment of agents to specific teams | When enabled, Account Administrators or Account Owners can assign individual Scan Agents and Agent Groups to particular teams so that those assigned agents can only be used by the designated team members. |
Internal agent Terminate Timeout (Hours) | This setting terminates agents that have not sent heartbeats within the specified time duration. The duration must be between 1 and 360 minutes, with a default of 240 minutes. |
Data Retention Settings | |
Configure retention period for raw scan files | Enable this option to configure the raw scan file retention period time in days. Raw scan files are the files stored as ZIP files that were created by the agent. These files are needed for incremental and retest scans. When the retention period is over, the raw scan file is removed. However, the scan data, such as issues, remains available. |
Configure retention period for scan data | Enable this option to configure the scan data retention period time in days. The scan data refers to the scans in the database. When the retention period is over, the scan data, such as issues, site maps, notifications, tags, and base scans, is removed. This is similar to deleting a scan from the Recent Scans page. |
Scan Control Settings | |
Suspend all future scans | This allows you to suspend all scans, pause all active scans, and resume all paused scans. For further information, refer to Managing scans. |
Do not stop scan when maximum logout is exceeded | Enable this option to stop a scan when the maximum logout number is exceeded. It is not recommended to enable this option, as possible authentication issues will be ignored. This setting is only available in Acunetix 360 On-Premises. |
Privacy Data and Security Settings | |
IP restricted sessions | Enable this option to add extra security protection by making user sessions IP restricted. Once enabled, the same cookies can not be used to access the session from different IP addresses. |
Do not expose sensitive information in the API responses | Enable this option to prevent sensitive information from being exposed in the API responses. If not selected, the sensitive information is presented as decrypted. |
Prevent any sensitive information showing within the product | When enabled, users will be required to enter a password to gain access to edit any custom scripts and some sensitive data will be hidden. This setting is only available to Account Administrators. |
Configure user timeout for time period | Set a session time limit (in minutes, hours, or days) after which all users must sign in again. This setting overwrites the "remember me" option on the sign-in page. It is only available for Account Administrators. |
Warning Text Settings | |
Customize Header Text | This allows you to enter text that will appear right next to the logo on the header. All users see this text on all pages. |
Login Warning Banner | This allows you to configure a login banner warning that appears when logged in to Acunetix 360. For further information, refer to Configuring Login Warning Banner. |
IAST Bridge | |
Default Bridge URL | This allows you to set a default Bridge URL for AcuSensor. The bridge is mandatory for .NET, Java, and Node.js servers. For further information, refer to Deploying AcuSensor. |
Default Policies | |
Default Scan Policy | This allows you to set a default scan policy for all new scans in your account. The default scan policy applies to all team members. For further information, refer to Configuring Scan Policies. |
Default Report Policy | This allows you to set a default report policy for all new scans in your account. The default report policy applies to all team members. For further information, refer to Custom Report Policies. |
PCI Reporting Settings | |
Company Name | This will be used on reports where the company name is shown, for example, PCI Reports. |