Skip to main content

Running a Scan on an Existing Project

Notice

  • Initiating a scan is possible only within an existing project.

  • API Security currently supports Java - Spring 2.x and C# - ASP.NET 4.x Web API only.

To open the New Scan dialog:

  1. In the Application and Projects home page click Projects.

  2. Click <Resource_Management.png Scan>. The New Scan dialog appears.

    Scan_Repo_10.png

    In the example below, the last scan has been performed using a zip archive as source to scan. In addition, the Incremental Scan option has been added to the New Scan dialog

    Scan_Incr_11.png

To run a scan:

  1. Upload a local zip archive file or configure a Repository path.

    Scan_Zip_13.png
  2. Under Scan Tags, add a tag to the new scan (optional)..

    Tags can be added in two different formats:

    Label: <string>

    key:value: <string:string>

    Scan_Zip_14.png
  3. Select Completed.png Incremental Scan, if you want to only scan the latest changes and not the entire project.For additional information on Incremental scans, refer to Incremental Scans (SAST Scanner).

  4. Click <Next>. The New Scan dialog appears and you are asked to select the scanners.

  5. Select one or more scanners.

    Scan_Repo_16.png
  6. Click <Scan>. The New Scan dialog closes and the scan starts.

Note

  • Only API Security and SAST support incremental scans. If you select additional scanners for an Incremental Scan, a full scan is performed instead.

  • If you select API Security, SAST is selected as well as API Security utilizes the SAST code to detect APIs.