
Creating a new scan policy

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

A scan policy is a set of settings for web application security scans. It determines the security tests to be conducted when initiating a scan. You can choose pre-defined policies, customize them based on your target's characteristics, or create new ones. Additionally, you can share policies within a group or duplicate them from a group.

How to create a new scan policy in Invicti Enterprise

  1. Log in to Invicti Enterprise.
  2. From the main menu, select Policies > New Scan Policy.
  3. Fill in the Name and Description fields.
  4. Select the Shared checkbox, if required (refer to Sharing Scan Policies).
  5. Complete the remaining fields. (Each tab is explained in the Scan Policy Fields tables below.)
  6. Click Save when you have finished configuring your scan policy.


How to share Scan Policies

There are four types of Scan Policies:

  • Default: Unless set as Shared, these are exclusively for your use.
  • Share: These policies are available for others to utilize.
  • Private: Reserved solely for your own use, these policies cannot be accessed by others.
  • Mine: Policies that you have personally created.

When you share your Scan Policy, other users gain access to it for use and cloning. Scan Policies that you create and do not share with your team members are labeled as "Mine" and "Private" in the Type column.

NOTE: The user who has the Account Administrator role can see the private policies of the team members.

  1. Navigate to the New Scan Policy window.
  2. Enable the Shared field. A new section, Website Groups, is displayed.
  3. Select all the Website Groups the Scan Policy should be shared with. This means that anyone who has access to those groups can use your Scan Policy. 

NOTE: By default, authentication verifier agents use incognito mode on Chromium browsers.