Scans View

Purpose

This document provides users with an overview of the portal interface of Scans.

Introduction

The Scans view presents the details of scans from different sources, such as Scale, Cloudsec, Docker is fully customizable.

Requirements

It is assumed that the reader has basic access to the OUTSCAN/HIAB account.

The Scans View

The Scans view presents the details of all scans. To customize the view,

Click on the Filter icon to see the available columns and filtering options. See Common Settings Panel, for more information.
Add desired columns by clicking on the Show/Hide Column icon.

Click on a scan to view the following information about that scan. The output from each scan depends on the source of it, for example, the output from Scale scans will include the URLs and a detailed breakdown of the scan flow.

URLs

The URL list can be downloaded to a file by clicking the green Download URLs button in the lower right corner.

Status

Status presents the different stages of the scan along with their duration:

Status	Description
	The scan schedule has started and is waiting for a slot to start scanning.
	The scan has been paused.
	A slot has been assigned to the scan and it is in the process of starting the scan.
	The scan is currently running.
	The scanning engine has finished collecting facts, and the reporting tools are currently running.
	The scan cycle is completed.
	The scan has encountered some issues.
	The scan is in the process of stopping.
	The scan has been manually stopped.
	The scan has failed to complete its scan cycle.

If any errors occur during the scan, a message is displayed:

Examples:

If there are no scans to show the view shows an empty state with the message: "No items to display. For SWAT/Assure/Snapshot subscriptions, assets are continuously monitored by Outpost24 Appsec team and therefore no scans can be shown here."

Related Findings

To access the related findings for a scan:

Select the scan by checking the box on the left hand side of the row.
The bottom toolbar is displayed.
Click the View related findings icon to the right in the tool bar.

You can also right-click on a scan and select View related findings from the context menu.

Both methods bring you to a filtered view for that specific scan.

Workflow Scans

A workflow consists of a chain of scans running after each other. Scans belonging to a workflow display the workflow name in the column Workflow name while the actual workflow is indicated with the word WORKFLOW in the Source column:

To see the different scans that ran within a workflow scan, select the switch in side panel. The view is filtered on the ParentID, showing the child scans:

Refer to workflows for information on how to configure a workflow.

Starting Scans

Schedule a Scan

Schedules can be created both in Automation > Schedules or in Configuration > Scan Configuration.

Refer to Schedules, for information on how to schedule a scan.

Start On-Demand Scan

After configuring the settings, follow the below procedure to perform a scan:

Go to the Configurations view.
Select the required configuration.
Click on the Scan now icon located at the bottom right of the view, or in the context menu.
You will get a popup displaying Successfully scheduled.

All scheduled scans can be viewed in the Scans view.

Stopping a Scan

To stop an ongoing scan:

Go to the Scans view.
Select one or more scans, and click on the Stop scan icon at the bottom of the view to end a scan.
You can also right-click on the scan and from the context menu select Stop scan.

If a scan is stopped but it is completed before it is stopped then it will report the result of the scan with the status FINISHED instead of STOPPED.

You can submit the Stop scan request for any scheduled scan, but it has an effect on the currently running scans only.

Download Blueprint

See Scan Blueprint, for more information.