Scan settings: Policy

To access this feature, click the Edit menu and select Default Scan Settings or Current Scan Settings. Then, in the Scan Settings category, select Policy.

You can change to a different policy when starting a scan through the Scan Wizard, but the policy you select here will be used if you do not select an alternate. You can also select multiple policies which will be aggregated by the sensor during the scan. For descriptions of policies, see OpenText DAST policies.

You can also create, import, or delete custom policies.

Selecting one or more policies

To select a different policy:

  1. In the Audit Policies list, slide the toggle for the selected policy to the disabled position.

  2. Slide the toggle for the desired policy to the enabled position.

  3. Click OK.

To select additional policies:

  1. In the Audit Policies list, slide the toggle for the desired policies to the enabled position.

  2. Click OK.

Creating a policy

To create a policy:

  1. Click Create.

    The Policy Manager tool opens.

  2. Select New from the File menu (or click the New Policy icon).

  3. Select the policy on which you will model a new one.

  4. Refer to the Policy Manager documentation for additional instructions.

Editing a policy

To edit a policy:

  1. Select a custom policy.

    Note: Only custom policies may be edited.

  2. Click Edit Scan Policy.

    The Policy Manager tool opens.

  3. Refer to the Policy Manager documentation for additional instructions.

Importing a policy

To import a policy:

  1. Click Import.

  2. On the Import Custom Policy window, click the ellipses button .

  3. Using the Files of type list on the standard file-selection window, choose a policy type:

    • Policy Files (*.policy): Policy files designed and created for OpenText DAST.

    • All Files (*.*): Files of any type, including non-policy files.

  4. Click OK.

A copy of the policy is created in the Policies folder (the default location is C:\ProgramData\HP\HP WebInspect\Policies\). The policy and all of its enabled checks are imported into SecureBase using the specified policy name. Custom agents are not imported.

Deleting a policy

To delete a policy:

  1. Select a custom policy.

    Note: Only custom policies may be deleted.

  2. Click Delete Scan Policy.

    A confirmation message appears.

  3. Click Yes.

    The policy is removed from your Policies directory.

See also

Scan settings: Allowed Hosts

Scan settings: Authentication

Scan settings: Cookies/Headers

Scan settings: Custom Parameters

Scan settings: File Not Found

Scan settings: Filters

Scan settings: General

Scan settings: HTTP Parsing

Scan settings: JavaScript

Scan settings: Method

Scan settings: Proxy

Scan settings: Requestor

Scan settings: Session Exclusions

Scan settings: User Agent