Baseline (Passive) Web App Scanning
The scanMode=baseline option loads a ruleset that is tuned for performing quick, non-attack-based scans that can be run in a CI/CD environment against web applications.

- Relatively quick to run (usually a few minutes, but depends on the size of the site)
- Run in a CI/CD system
- Checks for common misconfigurations, but does not perform attacks against the site

Running a Scan

To run a baseline scan, all you need is the URL of the site to scan. The DAST CLI will do the rest, including crawling the site to find additional pages and resources to test.

    docker run -it soosio/dast --clientId=<SOOS client id> --apiKey="<SOOS apikey>" --projectName="<project name>" --scanMode=baseline https://url-to-test

Further Configurations

- Running Authenticated DAST Scans
- Excluding DAST Scan Rules
- Adjusting Scan Times
- Excluding URLs from Being Scanned
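A CI wrapper for the baseline command above, as an added example that is not part of the SOOS documentation: it validates the inputs before a container starts, logs a command line with the API key masked, and adds -it only when a terminal is attached. The SOOS_CLIENT_ID and SOOS_API_KEY environment variables and all function names are assumptions.

```shell
#!/bin/sh
# Added example: CI wrapper around the baseline scan command from this page.
# Assumed names (not from the page): SOOS_CLIENT_ID / SOOS_API_KEY environment
# variables, and the helpers valid_target, check_inputs, redacted_cmdline, run_baseline.

# Accept only http(s) URLs without whitespace or embedded credentials ('@'),
# since the target URL ends up in job logs.
valid_target() {
  case "$1" in
    *[[:space:]]*|*@*) return 1 ;;
    http://?*|https://?*) return 0 ;;
    *) return 1 ;;
  esac
}

# Check inputs before any container starts; one exit code per failure.
check_inputs() {
  [ -n "${SOOS_CLIENT_ID:-}" ] && [ -n "${SOOS_API_KEY:-}" ] || return 2
  [ -n "$1" ] || return 3
  valid_target "$2" || return 4
}

# Command line that is safe to print in CI logs: the API key is masked.
redacted_cmdline() {
  check_inputs "$1" "$2" || return
  printf 'docker run --rm soosio/dast --clientId=%s --apiKey=*** --projectName="%s" --scanMode=baseline %s\n' \
    "$SOOS_CLIENT_ID" "$1" "$2"
}

# Run the scan. -it is added only when a terminal is attached; CI runners
# usually have none, and "docker run -it" fails there.
run_baseline() {
  redacted_cmdline "$1" "$2" >&2 || return
  tty_flags=""
  [ -t 0 ] && [ -t 1 ] && tty_flags="-it"
  # tty_flags is intentionally unquoted so an empty value adds no argument.
  docker run --rm $tty_flags soosio/dast \
    "--clientId=${SOOS_CLIENT_ID}" "--apiKey=${SOOS_API_KEY}" \
    "--projectName=$1" "--scanMode=baseline" "$2"
}

# Usage: sh soos-baseline.sh "<project name>" "https://url-to-test"
if [ "$#" -eq 2 ]; then run_baseline "$1" "$2"; fi
```

Set the two credentials as masked secret variables in the CI system so they never appear in the pipeline definition or its logs.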