Skip to main content

Configuring a Default Scan Configuration for All Projects and Scans

The default scan configuration applies to all projects and scans. You can specify a different scan configuration for a scan of a particular project, as described in Specifying a Scan Configuration for a Project.

If you want to change the default for all projects and all scans, you must modify the CxDB database, as described in the following sections:

Accessing the CxDB Database

The first step in making any change to the default scan configuration is to access the tables in the CxDB database.

To access the tables in the CxDB database

1 Open SQL Server Management Studio.

2 In the Connect to Server logon, click Connect.

3 In the Object Explorer, expand Databases.

4 Expand CxDB.

5 Expand Tables.

6 Depending on your task, continue with one of the relevant procedures described below.

Changing the Default Scan Configuration from Default Configuration to Improved Scan Flow

After you upgrade your SAST installation from version 9.2 or 9.3 to 9.4.0, the default is set to Improved Scan Flow for new projects. The Default Configuration is used for existing projects, to make comparisons with previous scans meaningful.

If you want ensure that all scans, regardless of which configurations were used for previous scans of existing projects, you can manually change the default scan configuration in the CxDB database.

To change your default scan configuration from Default Configuration to Improved Scan Flow

1 Follow the procedure above for accessing the CxDB database.

2 With the Tables folder expanded, scroll down and right-click on CxEngineConfigurationKeysMeta and select Edit Top 200 Rows.

3 Scroll down to Id: 43, KeyName: USE_LAZY_FLOW.

4 In the DefaultValue column, replace false with true.

During the commit process, a pencil icon appears in row Id 43, and Cell is Modified appears in the Status row.

After a few seconds of processing, the change is committed (saved) to the CxDB database, and the pencil icon and status message disappear.

5 Close SQL Server Management Studio. The Improved Scan Flow is now your default scan configuration for all projects and scans.

Changing the Default Scan Configuration from Improved Scan Flow to Default Configuration

To change your default scan configuration from Improved Scan Flow to the Default Configuration

1 Follow the procedure above for accessing the CxDB database.

2 With the Tables folder expanded, scroll down and right-click on on CxEngineConfiguration and select Edit Top 200 Rows.

The list of scan configurations is displayed in the right pane.

Since for SAST 9.4.0, and later, the Improved Scan Flow configuration is the default, IsDefault is True.

6436184590.png

3 For Improved Scan Flow replace True with False in its IsDefault field and for Default Configuration replace False with True in its IsDefault field, as shown below. Changes that you make take a few seconds to be committed in the database.

6436184596.png

4 Verify that in the SAST Web Portal user interface, when you click Projects & Scans > Create New Project, the General tab opens displaying Default Configuration for the default Configuration property.

6436184599.png

Notice

If SAST was first installed as version 9.4.0 or later, the Improved Scan Flow calculation is enabled by default. To enable the Default Configuration flow calculation, disable the Improved Scan Flow calculation as explained in the following procedure.

To disable the Improved Scan Flow

If SAST was installed as version 9.4.0 or later, it is necessary to disable the Improved Scan Flow calculation in the CxDB database, since the USE_LAZY_FLOW key setting (which controls the Improved Scan Flow calculation) overrides the key settings in the CxEngineConfiguration table.

1 With the Tables folder expanded, scroll down and right-click on CxEngineConfigurationKeysMeta and select Edit Top 200 Rows.

2 Scroll down to Id: 43, KeyName: USE_LAZY_FLOW.

3 In the DefaultValue column, replace true with false.

During the commit process, a pencil icon appears in row Id 43, and Cell is Modified appears in the Status row.

After a few seconds of processing, the change is committed (saved) to the CxDB database, and the pencil icon and status message disappear.

4 Close SQL Server Management Studio. The Default Configuration is now your default scan configuration for all projects and scans.