Skip to main content

Running an Incremental Scan from a Repository URL


  • Initiating an Incremental scan is possible only if a scan has already been completed within a project.

  • Incremental scans are relevant only for SAST scanners.

  • API Security currently supports Java - Spring 2.x and C# - ASP.NET 4.x Web API only.

To open the New Scan dialog

  1. On the Application and Projects home page click Projects.

  2. Click <Scans.png Scan>. The New Scan dialog appears.

To define the new scan:

  1. In the New Scan dialog, under Project Name, select the desired project from the drop-down list.

  2. Under Source to Scan, select Repository.

  3. Enter the Repository URL and click <Fetch Branches>.



    For private repositories, a Token field is added as well.

  4. Under Branch, select the branch to be scanned. You can scan the master branch or any branch below it in the repository.

  5. Under Scan Tags, add a tag to the new scan (optional).

    Tags can be added in two different formats:

    Label: <string>

    key:value: <string:string>

  6. Check Completed.png Incremental Scan and then click <Next>. The New Scan dialog appears and you are asked to select the scanners.

  7. Select one or more scanners.

  8. Click <Scan>. The New Scan dialog closes and the scan starts.


If you select API Security, SAST is selected as well as API Security utilizes the SAST code to detect APIs.