Site Scan Tab

The Site Scan tab displays information on the initial assessment, current scan status, scan speed, links tested, and credentials used in testing. It also highlights any access issues that are preventing the site from being scanned.

Field Field Name Description

1

Initial Assessment progress bar

The Initial Assessment progress bar visually indicates the progress of the Site asset’s initial full assessment. It does not indicate the progress of any ongoing continuous scans of the asset. For more information, see Initial Assessment Complete in the DAST Onboarding Overview article.

The progress bar shows one of the following phases:

  • Initial Onboarding - 20%: Awaiting configuration by the Service Delivery team. This will begin soon if you have provided the required information (see step 4 of the DAST Onboarding diagram).

  • Parse Scan / Further Configuration - 40%: Either the parse scan is running on the asset, or further configuration / form training is being performed (see step 5 of the DAST Onboarding diagram).

  • Vulnerability Scanning Active - 75%: The configured initial vulnerability scan is active.

  • Complete - 100%: The configured vulnerability scan is complete.

If onboarding is on hold, a message is displayed advising you to contact Support. For example, "On Hold: Site Inaccessible - Contact Support for more information" or "On Hold: Awaiting Credentials and Schedule - Contact Support for more information".

2

Scan Schedule

To set a schedule for your scan, see Scheduling a Scan.

3

Scan Now

Select this icon to start a Scan Now. A confirmation box appears; select Confirm to begin the scan immediately.

4

Initial Full Assessment

Shows the status of the initial full assessment, part of the onboarding process for the site.

5

Scan Status

Shows the status of the current scan. This may be Paused for Schedule, Scan Completed, Scan Running, Scanning w/o Credentials (no working credentials available), or Access Issue: Site is unreachable (see "Site Access Checks", below).

BDCD Updating Configuration indicates that Black Duck have paused scanning to update the configuration of the scanner.

6

Scans Completed

This gives the number of scans that have reached completion in the period named.

7

Scan Schedule

This is the name of the scan schedule for this site.

8

Maximum Scan Speed

The maximum number of requests per second that the scanner will send while scanning this site.

9

Credentials for Scanning

The credentials table displays every set of scanning credentials in your Continuous Dynamic Client, with sensitive information obscured. These are used to allow the scan to test portions of your site that require a user login to gain access.

Two types of scanning credentials are supported: username & password (stored in the Continuous Dynamic Portal) and Privileged Access Management (PAM) (stored in HashiCorp®'s PAM solution). For the latter type, an additional column named PAM Target is shown in the table.

You can edit, delete, or disable scanning credentials from here.

See Adding or Editing Scanning Credentials for more information.

10

Last Completed Scan

The date of completion for the last completed scan.

11

Link Information

Link information gives a count of the number of pages tested in the last completed scan and in the current scan. The count includes pages with a scanned URL status of Tested and certain Error statuses. Clicking the linked text takes you to a searchable list of the URLs for the pages in question.

12

Open Vulnerabilities - Verified

The number of verified vulnerabilities currently open for this site.

Site Access Checks (unreachable sites)

If an onboarded site cannot be accessed by the Threat Research Center (TRC), the Site asset is flagged as unreachable. In this case, the Site Scan tab is updated as follows:

  • A note is displayed to inform you that an access issue has been encountered and the site cannot be scanned. This includes the time when the scan will automatically retry:

    "We have encountered an access issue. The site is unreachable and cannot be scanned. The scan will automatically retry at hh:mm."

  • The Scan Status field changes to Access Issue: Site is unreachable, and a Retest button is displayed under the status.


Unreachable sites can’t be scanned in full until you have resolved the access issue identified. To see information from the TRC about the issue they encountered, click the Info icon to view the Services Note popup. The popup also displays one or more hostnames that triggered the access check failure.

Figure 1. Example Services Note popup

When you have resolved the access issue identified, run a retest to check whether the Site asset (and associated hosts) is live and accessible to the scanner.

  1. Click Retest to request a connectivity check for the site.

  2. Refresh your browser page.

  3. If connectivity is restored, the Scan Status changes to the current status of the scan (see Scan Status in the above table).

Unreachable sites are also highlighted on The Executive Dashboard.

Sites are only flagged as unreachable by the TRC if login handlers have been properly configured. A login handler is a customized login sequence that teaches Continuous Dynamic to assess authenticated portions of a web application. Login handlers are created by TRC engineers during DAST onboarding.
