Configuring API audit coverage and thoroughness

The default policy for API and web service scans is the API policy. You can select a different policy or choose additional policies for the scan in the Audit Coverage and Thoroughness page of the API Scan Wizard. If you select multiple policies, the sensor will aggregate the policies during the scan.

Selecting one or more policies for API scans

To select a different policy:

1. In the Audit Depth (Policy) list, slide the toggle for the API policy to the disabled position.

2. Slide the toggle for the desired policy to the enabled position.

   The selected policy appears in the ENABLED SCAN POLICIES list. For descriptions of policies, see OpenText DAST policies.

3. Click Next.

To select additional policies:

1. In the Audit Depth (Policy) list, slide the toggle for the desired policies to the enabled position.

   The selected policies appear in the ENABLED SCAN POLICIES list. For descriptions of policies, see OpenText DAST policies.

2. Click Next.

What's next?

To configure scan details, click Next and proceed with Configuring scan details for API and web service scans.