If you want to reduce your scan times for a workflow-intensive application, Veracode provides configuration options to provide faster results.
- Contain a registration workflow with multiple steps.
- Involve a significant amount of user input.
- Include several parameters in the HTTP request.
- Include workflows with multiple required steps, such as the checkout process on an online shopping application.
To reduce the scan times for these types of applications, Veracode recommends you perform the following configurations:
- Set exchanges per link to 25
- Setting the exchanges per link limit to 25 HTTP request/response pairs usually provides
sufficient scan coverage, while eliminating unnecessary duplication of testing and
reducing scan time.Note: This configuration is not available if you have enabled advanced mode .
- Audit only the highest-risk parameters
- If you are only concerned with the highest-risk parameters exposed by the application, setting the Vulnerable Parameter Auditing to Audit only the highest risk parameters significantly reduces scan time. If you usually have this option enabled, Veracode recommends that you periodically perform a scan with the default setting of Audit Veracode-default parameters.
- Upload crawl scripts for complex workflows
- Uploading a crawl script allows the scan engine to follow the exact steps necessary to complete and test a workflow specific to your application. If you only want to test the parts of your application defined in your crawl scripts, you can disable the automated website crawler to reduce scan time.