Skip to main content

Configuring CxSAST to use the New Flow Scan Process

Improved Scan Flow in version 9.5.0 and later

Starting with version 9.5.0, the improved scan flow is being used, by default, for all projects, both old and new, regardless of the configurations set in 9.4.x.

For updated information, please see Configuring CxSAST Scan Flow Processes.

The New Flow offers improved scan accuracy by reducing false positives and false negatives. It also improves scan performance in terms of scan time and memory consumption. Among the benefits is increased Engine supportability and maintainability. In the New Flow, flow calculations are only performed during the queries phase if and only if they are needed, resulting in the improved performance.

By default, New Flow is

  • Enabled for scanning new projects

  • Enabled for previously existing projects that were scanned with New Flow (applies to upgrades from 9.3 only)

  • Disabled for previously existing projects that were scanned using the original old flow (applies to upgrades from 9.2 and 9.3)

By default, scans for existing projects will keep running with the old flow. However, changing them to use the new flow can be done from the web portal, or by using the API for a specific project, or by adjusting the key value in the database, for all scans and projects, as described below.

To enable or disable the New Flow for existing projects

  1. Select Project & Scans > Projects.

  2. Select the project you want to enable New Flow. A window with several tabs opens in the bottom half of the screen.

  3. Select the General tab.

    6436184835.png
  4. Click Edit.

  5. For the Configuration option, select Improved Scan Flow to enable New Flow, as shown in the figure below.

    To disable New Flow, select Default Configuration instead of Improved Scan Flow.

    6436184838.png
  6. Click Update.

To enable the New Flow for all projects and all scans

Change the value of USE_LAZY_FLOW in the [CxDB].[Config].[CxEngineConfigurationKeysMeta] table to true.

To disable the New Flow for all projects and all scans

  1. Change the value of USE_LAZY_FLOW in the [CxDB].[Config].[CxEngineConfigurationKeysMeta] table to false.

  2. In the web portal, under the General tab, for the Configuration option, select Default Configuration.