Creating efficient and targeted test scans is critical for maximizing coverage and minimizing runtime while testing your application ecosystem. This page highlights the recommended ways to structure your scans based on the following:
Attack type, plugin groupings, and execution schedules
Number of tests and assets
These recommendations are designed to help you optimize performance, focus scans on relevant assets, and ensure continuous security improvement.
Attack Types
The following breakdown groups attacks into logical scans based on common categories and test volumes. Each scan recommendation also includes an approximate test count and a suggested scan frequency. You can use the Attack Selections below while creating a policy, and then use that policy while creating a scan. While creating the scan, you can also apply the recommended schedule. For information on how to split scans based on attack types and assets, see Number of Tests and Assets.
Scan Type | Attack Selections | Recommended Schedule | Approximate Tests |
---|---|---|---|
Remote Code Execution Scan | | Weekly | 800,000 |
DB Attacks Scan | | Weekly | 800,000 |
XSS Attacks Scan | | Weekly | 900,000 |
Design and Configuration Attacks Scan | | Daily | 235,000 |
Protocol Attacks Scan | | Daily | 200,000 |
Auth and Business Attacks Scan | | Daily | 113,000 |
Number of Tests and Assets
Traceable recommends splitting a large scan into multiple smaller scans when the number of attack types or assets (APIs) is large. This helps:
Ensure that scans run efficiently without overutilizing resources
Prevent long-running scans that may result in a timeout or other connectivity issues
This section highlights the recommendations for splitting scans, enabling you to create scans efficiently based on the scale of your application testing.
You can break down scans in either of the following ways:
Split by Attack — Divide the attack selections into multiple sets and create a separate policy for each set. You can then use each policy in its own scan.
For example, in the above table, if the DB Attacks Scan contains ~800,000 tests across three attack selections, you can split it into three policies, each with a single attack selection, and then assign them to three separate scans. This distributes the tests across scans and allows for efficient testing.
Split by Assets — Divide the list of APIs across multiple scans while keeping the same attack policy.
For example, if you are testing Cross-Site Scripting on 5,000 APIs using the XSS Attacks Scan (~900,000 tests) from the above table, you can create one policy with the Reflected Cross-Site Scripting attack selection. Further, you can assign this policy to two separate scans, each covering 2,500 APIs.
For information on the steps to create a scan, see Creating a Scan.
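The two splitting rules above can be applied mechanically. The following planner is an added example, not Traceable's own code or API: it creates one policy per attack selection (split by attack), then divides the asset list into evenly sized scans so that no single scan exceeds a test budget (split by assets). The per-asset test estimates and the budget are constructed inputs; the page only gives totals per scan type.

```python
from dataclasses import dataclass
from math import ceil
from typing import Dict, List


@dataclass
class ScanPlan:
    """One scan to create: a single-selection policy applied to a subset of assets."""
    name: str
    attack_selection: str
    assets: List[str]
    est_tests: int


def split_evenly(items: List[str], n: int) -> List[List[str]]:
    """Partition items into n contiguous chunks whose sizes differ by at most one."""
    base, extra = divmod(len(items), n)
    chunks, start = [], 0
    for i in range(n):
        size = base + (1 if i < extra else 0)
        chunks.append(items[start:start + size])
        start += size
    return chunks


def plan_scans(scan_type: str, tests_per_asset: Dict[str, int],
               assets: List[str], max_tests_per_scan: int) -> List[ScanPlan]:
    """Split by attack (one policy per selection), then by assets (budget per scan).

    tests_per_asset maps an attack selection to the estimated tests it generates
    per API; the estimate is an assumed input, not a value the product reports.
    """
    if not assets or max_tests_per_scan <= 0:
        raise ValueError("need at least one asset and a positive test budget")
    plans = []
    for selection, per_asset in tests_per_asset.items():
        total = per_asset * len(assets)
        # Number of scans needed so each stays within budget; never more than assets.
        n_scans = min(len(assets), max(1, ceil(total / max_tests_per_scan)))
        for i, part in enumerate(split_evenly(assets, n_scans), start=1):
            plans.append(ScanPlan(
                name=f"{scan_type} - {selection} [{i}/{n_scans}]",
                attack_selection=selection,
                assets=part,
                est_tests=per_asset * len(part),
            ))
    return plans
```

Run with the XSS figures from this page (5,000 APIs, ~900,000 tests, so about 180 tests per API) and a 450,000-test budget, the planner yields the two 2,500-API scans the text describes.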