Audit settings: Vulnerability Filtering
To access this feature, click the Edit menu and select Default Settings or Current Settings. Then, in the Audit Settings category, select Vulnerability Filtering.
By applying certain filters, you can limit the display of certain vulnerabilities reported during a scan. The options are:
- Standard Vulnerability Definition - This filter sorts parameter names for determining equivalency between similar requests. For example, if a SQL injection vulnerability is found in parameter "a" in both http://x.y?a=x;b=y and http://x.y?b=y;a=x, the two findings would be considered equivalent.
- Parameter Vulnerability Roll-Up - This filter consolidates multiple parameter manipulation and parameter injection vulnerabilities discovered during a single session into one vulnerability.
- 403 Blocker - This filter revokes vulnerabilities when the status code of the vulnerable session is 403 (Forbidden).
- Response Inspection DOM Event Parent-Child - This filter disregards a keyword search vulnerability found in JavaScript if the same vulnerability has already been detected in the parent session.
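The following is an added illustration, not code from OpenText DAST, of how the Standard Vulnerability Definition and 403 Blocker filters behave when applied to a list of findings: the Finding record, the apply_filters function and the sample findings are constructed for this example, and the equivalence key (check, scheme, host, path, sorted parameter names, injected parameter) is an assumption about how "equivalent" is defined.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Finding:
    """Constructed, simplified scanner finding (not the product's own data model)."""
    check: str        # e.g. "SQL Injection"
    url: str          # request URL as attacked
    parameter: str    # parameter the payload was injected into
    status: int       # HTTP status code of the vulnerable session


def equivalence_key(finding: Finding) -> tuple:
    """Standard Vulnerability Definition (assumed): two findings are equivalent when
    they share the check, scheme/host/path, the *sorted* parameter names and the
    injected parameter, so ?a=x;b=y and ?b=y;a=x collapse into one finding.
    Values are ignored; both ';' and '&' are accepted as separators."""
    parts = urlsplit(finding.url)
    names = sorted(
        pair.split("=", 1)[0]
        for pair in parts.query.replace(";", "&").split("&")
        if pair
    )
    return (finding.check, parts.scheme, parts.netloc, parts.path,
            tuple(names), finding.parameter)


def apply_filters(findings, block_403=True, dedup=True):
    """Apply the 403 Blocker, then the Standard Vulnerability Definition filter."""
    kept, seen = [], set()
    for f in findings:
        if block_403 and f.status == 403:
            continue          # 403 Blocker: a Forbidden response is not reported
        key = equivalence_key(f)
        if dedup and key in seen:
            continue          # an equivalent request was already reported
        seen.add(key)
        kept.append(f)
    return kept


# Constructed sample input mirroring the page's example URLs.
SAMPLE = [
    Finding("SQL Injection", "http://x.y?a=x;b=y", "a", 200),
    Finding("SQL Injection", "http://x.y?b=y;a=x", "a", 200),    # reordered: equivalent
    Finding("SQL Injection", "http://x.y?a=x;b=y", "b", 200),    # other parameter: kept
    Finding("SQL Injection", "http://x.y/admin?a=x", "a", 403),  # dropped by 403 Blocker
]

if __name__ == "__main__":
    for f in apply_filters(SAMPLE):
        print(f.check, f.url, f.parameter)
```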
Adding a vulnerability filter
To add a filter to your default settings:
- Click the Edit menu and select Default Scan Settings.
- In the Audit Settings panel in the left column, select Vulnerability Filtering.
  All available filters are listed in either the Disabled Filters list or the Enabled Filters list.
- To enable a filter, select a filter in the Disabled Filters list and click Add.
  The filter is removed from the Disabled Filters list and added to the Enabled Filters list.
- To disable a filter, select a filter in the Enabled Filters list and click Remove.
  The filter is removed from the Enabled Filters list and added to the Disabled Filters list.
You can also modify the settings for a specific scan by clicking the Settings button at the bottom of the Scan Wizard or the Web Service Scan Wizard.
Suppressing off-site vulnerabilities
If your web application includes links to hosts that are not in your Allowed Hosts list, OpenText DAST may identify passive vulnerabilities on those hosts. To suppress all vulnerabilities against sessions for off-site hosts that are not in your Allowed Hosts list, select the Suppress Offsite Vulnerabilities check box.
For more information about Allowed Hosts, see Scan settings: Allowed Hosts.
See also
Audit settings: Attack Exclusions
Audit settings: Attack Expressions