Reducing Scan Times for Content-Heavy Applications

DynamicDS and DynamicMP

If you want to reduce your scan times for a content-heavy application, Veracode provides configuration options to provide faster results.

Large, content-heavy web applications usually have the following characteristics:
  • Contain many different template pages.
  • Use a content management system (CMS).
  • Include many pages built on an identical page structure and code base.
To reduce the scan times for these types of applications, Veracode recommends you perform the following configurations:
Note: These configurations are not available if you have enabled advanced mode .
Set subdirectory limit to five
Setting the subdirectory limit to five restricts the scan engine to crawling five unique pages in each directory in your application. This configuration eliminates repetitive tests if the application contains dozens of pages that use the same template, such as news articles or blog posts.
Set maximum links to 500

Setting the maximum link limit to 500 restricts the scan engine to crawling no more than 500 unique pages.

Set crawl depth to five
Setting the crawl depth to five restricts the scan engine to crawling five links away from the target URL, which eliminates duplication and reduces scan time.
Set exchanges per link to two
Setting the exchanges per link limit to two HTTP request/response pairs reduces unnecessary duplication of testing if the application, like most content-heavy applications, does not accept many input parameters.