Hello all,
Codename SCNR v1.5 and Codename RKN 1.4 have just been released, both now with support for incremental scans.
This means that a scan session is maintained and the following workflow is now possible:
- Run initial/seed scan.
- Store its session in a file.
- Run a re-scan, auditing only newly introduced input vectors, i.e. continuing a previous session.
- Store its session in a file.
- And so on and so forth.
This has the massive advantage of re-scans being immensely quick, as they will only concern themselves with newly introduced input vectors, rather than being full dumb scans again and again.
Codename SCNR
Here are some numbers for you:
| Initial scan duration | Session-based re-scan duration |
| --- | --- |
| 01:21:43 | 00:08:36 |
| 00:17:55 | 00:06:03 |
Previously, all re-scans would take the same time as the initial one.
Re-scan times vary and depend heavily on how many new inputs have been introduced since the initial seed scan, but the time gains are immense regardless.
CLI
Via the Command-line interface, at the end of each scan the location of the session file is printed, which can be restored for a re-scan to take place with:
bin/scnr_restore SESSION_FILE
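The seed-scan / store-session / restore loop described above can be automated in a CI job. The following POSIX shell wrapper is an added example, not part of Codename SCNR: it assumes that `bin/scnr TARGET_URL` starts a seed scan (hypothetical invocation), that `bin/scnr_restore SESSION_FILE` continues a stored session as the announcement states, and that the session file path is the last token on an output line containing the word "session" (an assumed output format; adjust `SESSION_PATTERN` to match your version).

```shell
#!/bin/sh
# Incremental DAST wrapper for Codename SCNR (added example; assumptions noted below).
SESSION_DIR="${SESSION_DIR:-.scnr_sessions}"   # where stored sessions are kept
SESSION_PATTERN="${SESSION_PATTERN:-session}"  # assumed: output line naming the session file

# Most recently stored session file, or empty when this is the first run.
latest_session() {
    ls -1t "$1"/*.session 2>/dev/null | head -n 1
}

# Choose the command: continue the previous session when one exists,
# otherwise run a fresh seed scan against the target (bin/scnr invocation assumed).
scan_command() {
    target="$1"; prev="$2"
    if [ -n "$prev" ] && [ -f "$prev" ]; then
        printf 'bin/scnr_restore %s\n' "$prev"
    else
        printf 'bin/scnr %s\n' "$target"
    fi
}

# Pull the session file path out of scan output: last token of the
# last line matching SESSION_PATTERN (assumed format). Empty if absent.
session_from_output() {
    grep -i "$SESSION_PATTERN" | tail -n 1 | awk '{print $NF}'
}

# Run one incremental round and archive the resulting session with a timestamp,
# so the next CI run audits only input vectors introduced since this one.
run_incremental() {
    target="$1"
    mkdir -p "$SESSION_DIR"
    prev="$(latest_session "$SESSION_DIR")"
    cmd="$(scan_command "$target" "$prev")"
    echo "Running: $cmd"
    out="$($cmd)" || return 1
    printf '%s\n' "$out"
    new="$(printf '%s\n' "$out" | session_from_output)"
    if [ -z "$new" ] || [ ! -f "$new" ]; then
        echo "No session file found in scan output; not archiving." >&2
        return 1
    fi
    cp "$new" "$SESSION_DIR/$(date +%Y%m%d%H%M%S).session"
}

# Usage: sh incremental_scan.sh https://staging.example.test
if [ $# -gt 0 ]; then
    run_incremental "$1"
fi
```

Each CI run therefore restores the newest archived session, and failure to locate a session file in the output is reported rather than silently falling back to a full scan.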
WebUI
The WebUI's default behavior for running re-scans or recurring scans is now session based.
REST API
The REST API also supports session-based re-scans, so they can be wired into your SSDLC pipeline.
Codename RKN
Here are some numbers for you:
| Initial scan duration | Session-based re-scan duration |
| --- | --- |
| 00:11:51 | 00:00:45 |
| 00:06:15 | 00:04:37 |
WebUI
The WebUI's default behavior for running re-scans or recurring scans is now session based.
Conclusion
DAST scans need not require the amount of time you have been used to.
You can now integrate Codename SCNR into your SSDLC workflow and enjoy scan times that rival those of your integration or unit tests.
Cheers!
- Tasos L.