Custom scan profiles
Every time you start a scan on a target, you can specify the scan profile that will be used (the default scan profile is Full Scan). You can choose from any of the built-in scan profiles or your own custom scan profile. This guide shows you how to create a custom scan profile to use when scanning a Target.
What are custom scan profiles?
Custom scan profiles let you concentrate on particular areas of concern by choosing the precise tests you require. This helps ensure your scans fully cover your web applications and increases the overall efficacy of your security testing efforts.
Here are the checks you can add to your custom scan profiles:
- Scanning tests, which include the following different types of tests:
  - File tests check vulnerabilities in files identified on the website.
  - Directory tests check vulnerabilities on directories identified on the website.
  - Input scheme tests check vulnerabilities on various parts of the website, such as GET parameters, form inputs, and HTTP headers.
  - Server tests check vulnerabilities that are related to the server hosting the website.
  - Structure tests include the tests that are executed at the end of the crawl session, identifying vulnerabilities in the structure of the website.
  - Post-scan tests include checks that are carried out at the end of the scan, such as checking for any stored cross-site scripting that might have been injected during the scan.
- Known web application tests include security audits for various well-known web applications, such as WordPress or SAP products.
- Runtime passive analysis includes vulnerability checks run passively during the crawl. For example, checks for situations where the website insecurely transitions from HTTPS to HTTP.
- Crawler analysis includes vulnerability checks that act upon the responses from the webserver to the crawler requests.
- Location tests include tests that are executed on each unique location identified.
- HTTP Data tests include vulnerability checks executed on all requests. They look for very specific content in the request or response and proceed to further verification only in matching scenarios. For example, the SAML signature audit checks are only executed when a SAMLResponse is found.
- Target tests include vulnerability checks executed only once on the target being scanned.
- Input parsing tests include checks targeting input parsing vulnerabilities, such as prototype pollution.
- Client-side checks include checks executed using the browser capabilities provided by DeepScan. An example of such vulnerabilities is DOM Cross-site Scripting.
- Custom scripts execute any custom scripts found in the custom scripts folder.
- Malware Scanner (On-Premises only) includes checks of the web application for malicious links and malware.
How to create a custom scan profile
- Select Scan Profiles from the side menu.
- Click Add New Profile.
- Add a Scan Profile Name.
- Click the checkbox next to each check you want to include in your custom scan profile. Click the arrows to expand the sections for more granularity.
  You can also use the search field to find checks and tests. For example, searching for 'xss' will show you all the available checks for cross-site scripting.
  A description of each check is displayed on the right when you select it.
- Click Save.
Your new custom scan profile appears at the bottom of the Scan Profiles page.
How to edit a custom scan profile
- Select Scan Profiles from the side menu.
- Click on the name of the custom scan profile you want to edit.
- Make your changes to the custom profile by selecting or deselecting checks for inclusion.
- Click Save.
How to delete a custom profile
- Select Scan Profiles from the side menu.
- Click the checkbox next to the name of the custom profile you want to delete.
- Click Delete.
How to run a scan using a custom scan profile
When starting a new scan, you can choose a built-in profile or your custom scan profile from the Default Scan Profile drop-down. For detailed instructions, refer to Launching Scans.