Articles on: Continuous Scan

Continuous Scan List

The Continuous Scan List page, serves as a central hub for monitoring all active continuous scans across your targets. This consolidated view allows you to manage your scans efficiently without needing to navigate through multiple targets. This article aims to break down each section of the page to ensure you can efficiently manage and monitor your continuous scans across your targets.



The benefit of continuous scan list page:

Centralized Access: Monitor all active scans across various targets from one convenient page.

Improved Efficiency: Reduce time spent switching between targets by accessing everything in one place.

Comprehensive Overview: Get an overview of all ongoing and completed scans to stay on top of your security posture.

How to start a Continuous Scan?



Starting a Scan is simple. Use the Start a Scan button located in the banner at the top of the Continuous Scan List page. This button is always visible, ensuring you can quickly initiate new scans.



Understanding types of Continuous Scan





There are 3 types of continuous scans available on the OrbitX Platform:

Lightning Scan

A fast, high-level scan designed to quickly identify common vulnerabilities.
Use Case: Ideal for a quick assessment to catch the most frequent security issues.

Emerging Threat Scan

A scan focused on identifying vulnerabilities associated with newly discovered threats.
Use Case: Useful for staying ahead of the curve on the latest security risks.

Comprehensive Full Scan

An in-depth scan that thoroughly examines the target for a broad range of vulnerabilities.
Use Case: Best for a detailed security assessment to identify all potential vulnerabilities.

For more information regarding scan types, you can click here.

Ways to trigger a Continuous Scan



There are multiple ways to trigger continuous scans:

Quick Access via Banner: Start a new scan directly from the prominent banner at the top of the Continuous Scan List page.
CI/CD Integration: Integrate scans into your CI/CD pipeline for automated security checks. Learn more about CI/CD integration.
Scheduled Scans: Set up automatic scans at regular intervals. Read our help article on scheduled scans.

What information is shown on the Continuous Scan List?



The Continuous Scan List page provides a detailed view of all active scans and their statuses. Here’s how to understand the information presented:

Key Metrics & Summary



At the top of the page, you’ll see key metrics such as:



Scans in the Last 30 Days: Total number of scans conducted in the past month.
Yearly Scan Count: Number of scans conducted in the past year.
Total Scans: Overall number of scans performed across all targets.

Detailed Breakdown of Scan Progress





The scan details are organized into a table based on the scan's current status:

In Progress:



This is the first stage of the scan. When you initiate a scan, it enters the In Progress state, where active scanning of your targets begins. During this stage, you will receive real-time updates on the scan's progress, including scan type, source, and detected vulnerabilities.

Scan Completed:



Once the scan finishes, it moves to the Scan Completed stage. Here, you can review the results in detail, analyze detected vulnerabilities, and generate reports for further action.

Under Review:



Scans that require further analysis by our security team appear in the Under Review stage. During this phase, our experts validate and verify the findings to ensure that the vulnerabilities are accurate and actionable.

Vetting Completed:



After thorough review and validation, the scan moves to the Vetting Completed stage. This confirms that the vulnerabilities have been assessed for accuracy and are ready for remediation.

Canceled:



The Canceled stage lists scans that were terminated before completion. This could occur due to manual intervention or system errors. Tracking these scans helps ensure that any incomplete work is revisited if necessary.

Breakdown of Scan Table Overview





Each row in the table contains important information about continuous scan, let’s understand each attributes one by one:

Scan Name: The specific name of the scan.

Target Name: The target that was scanned.

Scan Type: Indicates the scan type (e.g., Lightning, Emerging, or Full).

Source: The origin of the scan (e.g., CI/CD pipeline, On demand, Scheduled).

Progress Indicator: A visual bar showing the scan’s progress.

Vulnerability Count: Number of vulnerabilities identified during the scan.

Action Options: A three-dot menu to manage the scan name and deletion.

What is a Vetted Scan?



A vetted scan builds upon the Automated Scan by including a thorough review by our security engineers, who carefully evaluate the results to eliminate false positives and ensure accuracy. This process enhances the accuracy of the final report, providing reliable and actionable insights, allowing organizations to confidently act on their validated security posture.

Validity: Vetted scan reports are valid for 90 days.

Available Vetted Scans



For more information on the available vetted scans and their pricing, please visit our Pricing Page.

Converting an Automated Scan into a Vetted Scan





To convert an automated scan into a vetted scan, simply click the Request Vetting option in the scan settings. This allows you to benefit from the detailed review and validation provided by a vetted scan.

Frequently Asked Questions (FAQs)



1: How often should I run continuous scans?



The frequency of continuous scans depends on your security needs. For high-risk targets or critical applications, you may want to run scans more frequently, such as daily or weekly. For less critical targets, monthly or quarterly scans might be sufficient.

2: What should I do if a scan is stuck or not progressing?





If a scan is stuck or not progressing, check the scan details for any errors or issues. You may also contact support if the issue persists.

3: How do I manage or delete a scan?





You can manage or delete a scan by using the three-dot menu next to each scan in the Continuous Scan List. This menu provides options to delete the scan or perform other management actions.

4: Can I schedule scans to run automatically?



Yes, you can set up scheduled scans to run at predetermined intervals. This feature allows you to automate the scanning process and ensure regular security checks.

For more information regarding scheduled scans, you can click here.

5: How do I request a vetted scan?



To request a vetted scan, locate the automated scan you wish to upgrade and click the Request Vetting option in the scan settings. This will initiate the process for our team to review and validate the scan results.

6: What is the difference between an automated scan and a vetted scan?



An automated scan is conducted by our scanner to identify vulnerabilities, while a vetted scan includes a thorough review by our security engineers to validate the results and eliminate false positives. Vetted scans offer more reliable and actionable insights.

Note: Availability of certain features may vary depending on your subscription plan (monthly or yearly) and the type of scan conducted.

Updated on: 21/11/2024

Was this article helpful?

Share your feedback

Cancel

Thank you!