🛠️ Scan Configuration¶

Most of your scan configuration already follows the existing API DAST scan configuration, such as authentication.

However, there are a few additional configurations that are specific to SPA DAST scans.

Authentication¶

Just like API scans, you can configure a simple header authentication preset for now.

presets:
  - type: headers
    users:
      - headers:
          Authorization: Bearer user1Token
        username: user1
validation: false

Blocklist configuration¶

Just like API scans, you can also configure blocklisted paths in your frontend scans. These support regex patterns. This enables you to optimize the scanner time by avoiding crawling useless pages, like /faq/ and articles.

blocklist:
  routes:
    - path: .*faq.*
    - path: .*help.*

Scope Configuration¶

In your Expert Configuration section in the settings of your scan, you can configure the domains in scope of your scan. This allows the frontend scanner to capture underlying traffic to subdomains, enabling generation of OpenAPI schemas of all your APIs used by the frontend, but also security analysis of the traffic. Domain scopes are filled by your organization's domains by default.

scan:
  frontend_in_scope_domains:
    - 'example.com'
    - 'example.dev'
    - 'example.io'
authentication: {}

Hotstart Base URLs¶

In your Expert Configuration section in the settings of your scan, you can configure and add more base URLs for your scan. Base URLs is a list of URLs that the scanner should visit. You can pre-seed the scanner with a list of URLs to start the scan from and enrich the crawling process by boosting known URLs.

scan:
  hotstart:
    - https://example.com/user
    - https://example.com/user/profile
authentication: {}

Maximum scan duration¶

You can configure your scan time in minutes, to achieve better coverage for bigger web applications.

Maximum is 8 hours = 480 minutes Default for Frontend scans: 30 minutes

scan:
  max_duration: 30

Single page worker mode¶

For specific use-cases where your web application can only be used in a single page, without any reloads or navigations or page refresh (F5 etc...), this mode will force the scanner to only run in a single page and purely navigate in the elements of that page, not through any other URLs.

scan:
  frontend_single_page_worker: true

Worker Parallelism¶

To speed up or slow down your scan, you can configure the number of simultaneous opened pages for the scanner. Maximum allowed is 5 due to memory constraints. If you observe stability issues with failed scans, you can try to lower this value.

scan:
  frontend_parallel_workers: 3

Integrated authentication¶

For specific use cases where the browser-based authenticaiton MUST happen in the same browser as the scanner engine, this option enables you to play the authentication procedure inside the scanner directly. This can help with specific authentication mechanism that rely on in-memory values, web-workers etc...

In most cases, automatic extraction of cookies, local storage, session storage in the default browser-based login will be sufficient and inject the values into the engine.

scan:
  frontend_integrated_authentication: true

Crawling only mode¶

For faster scan times, we also provide a special mode that disables heavier security checks, but still crawling and API traffic generation, which will still be sent for analysis and security testing.

scan:
  frontend_crawling_only: true

Scan Persistence¶

To speed up the scan, you can enable persistence mode. This will save URLs from previous scans and load them into the scanner engine.

scan:
  frontend_use_persistence: true

X-Escape-User header¶

Disabled by default to avoid breaking web applications. If enabled, attaches the currently logged-in user name from your authentication configuration, into a X-Escape-User header in all requests.

scan:
  frontend_escape_user_header: true