Using the Improved Scan Flow Process
Note
Improved Scan Flow in version 9.5.0 and later
Starting with version 9.5.0, the improved scan flow is being used, by default, for all projects, both old and new, regardless of the configurations set in 9.4.x.
Benefits of the Improved Scan Flow
The Improved Scan Flow offers improved scan accuracy by reducing false positives and false negatives. It also improves scan performance in terms of scan time and memory consumption. Among the benefits is increased Engine supportability and maintainability. In the Improved Scan Flow, flow calculations are only performed during the queries phase if and only if they are needed, resulting in the improved performance.
When the Improved Scan Flow is the Default Configuration
In SAST version 9.4.0, Improved Scan Flow is the default.
Improved Scan Flow is
enabled for scanning new projects
enabled for previously existing projects that were scanned with Improved Scan Flow (applies to upgrades from 9.3 only)
disabled for previously existing projects that were scanned using the original Default Configuration flow (applies to upgrades from 9.2 and 9.3)
By default, scans for projects existing prior to SAST 9.4.0 will keep running with the old Default Configuration flow. However, changing them to use the new Improved Scan Flow can be performed from the SAST Web Portal, or by using the API for a specific project, or by adjusting the key value in the database, for all scans and projects, as described in Specifying a Scan Configuration for a Project and Configuring a Default Scan Configuration for All Projects and Scans.