Adhoc Scan

The Adhoc Scan page allows you to scan both public and private repositories from Git and Bitbucket. The scanning process includes SAST (Static Application Security Testing), code license verification, secret detection, and component analysis.

You need to add your project to scan the repositories.

To Add a Project

• To add or update a new project with source scan configurations, click Add Project.

• The Create Project details page is displayed as shown below. Enter the details for the following fields:

• Name : Enter a name for the project.

• Type : The default type is Source Scan.

• Platform : Select the platform type, the platform where the code resides (Github, Bitbucket, Bitbucket Server) for the project.

• Account : Choose the needed account that has been integrated for the selected platform. If no account is available for the selected platform then click Add Account.

• • The integration page is displayed. You can add a new account.

• Organization / Workspace : Choose the organisation or workspace that the selected account has access to.

• Scan Level : Select the scan level; either organization level or repository level that needs to be scanned.

• Configuration : Set the configuration details, and schedule the auto scan time.

• Click Save.

The project gets added for scanning and the following details are listed.

• Repos Registered

• Total Branches

• Total Scans

• Total Projects

• Auto Scan Enabled Repos

The panel at the bottom displays the project details. On expanding each project you can view the complete details of it.

• To edit the configuration details of the project, click the Edit Configuration button.

• Click the View option in the Action button, to view the SAST and SCA scan results of the project.

• Click the Download button to download the scan results.