DAST Scanning

Fine Tuning DAST Results

There are a few configurations that can be used to fine tune DAST results to help ensure the alerts generated are not duplicative and can help shorten the time to run a scan.

SOOS collapses instances of the same alert (even when found on different URLs), which significantly reduces the number of alerts shown in the SOOS UI; each reported instance can still be found under the SOOS DAST Issue detail if needed.

Max Alerts for Passive Scan

Passive scans often find the same issue on many (or all) URLs in the site (such as cookie or header misconfigurations). Because of this, you may want to limit the number of alerts that are reported using the -config pscans.maxAlertsPerRule=5 argument, where "5" is the desired number of alerts to generate for each passive rule that is triggered.

Max Alerts for Active Scans

Like passive scans, active scans may find the same issue on many URLs in the site (such as XSS). Because of this, you may want to limit the number of alerts that are reported using the -config scanner.maxResults=5 argument, where "5" is the desired number of alerts to generate for each active rule that is triggered.

Combining Multiple Configurations

These configurations can easily be combined to limit both active and passive scan rules.

docker run -it soosio/dast --clientId=<soos_client_id> --apiKey="<soos_apikey>" --projectName="<project_name>" --otherOptions="-z '-config pscans.maxAlertsPerRule=5 -config scanner.maxResults=5'" --scanMode=baseline https://url-to-test
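As an added example (not SOOS's own tooling), the following POSIX shell wrapper validates the two limits, builds the --otherOptions value with the same nested -z quoting shown above, and assembles the docker command so it can be reviewed before it runs. The function names, the DRY_RUN switch and the sample values are assumptions for this example.

```shell
#!/bin/sh
# Added example, not part of the SOOS CLI. Assumes the soosio/dast flags shown
# on this page; DRY_RUN=1 prints the command instead of invoking docker.

# Accept only a positive integer for a per-rule limit, so a typo cannot
# silently turn the cap into an unexpected value.
validate_limit() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
    0) return 1 ;;
    *) return 0 ;;
  esac
}

# Emit the string for --otherOptions. Each limit is optional: pass an empty
# string to leave that scan type uncapped.
# $1 = passive limit (pscans.maxAlertsPerRule), $2 = active limit (scanner.maxResults)
build_other_options() {
  configs=""
  if [ -n "$1" ]; then
    validate_limit "$1" || return 1
    configs="-config pscans.maxAlertsPerRule=$1"
  fi
  if [ -n "$2" ]; then
    validate_limit "$2" || return 1
    configs="${configs:+$configs }-config scanner.maxResults=$2"
  fi
  [ -n "$configs" ] || return 1
  # The ZAP arguments are wrapped in single quotes after -z so the container
  # passes them to ZAP as one block, exactly as in the docker command above.
  printf "%s" "-z '$configs'"
}

# Assemble the docker invocation; with DRY_RUN=1 it is printed, not executed.
# $1 client id, $2 api key, $3 project name, $4 target URL,
# $5 passive limit, $6 active limit
soos_dast_command() {
  opts=$(build_other_options "$5" "$6") || return 1
  set -- docker run -it soosio/dast "--clientId=$1" "--apiKey=$2" \
    "--projectName=$3" "--otherOptions=$opts" --scanMode=baseline "$4"
  if [ "${DRY_RUN:-0}" = "1" ]; then printf '%s\n' "$*"; return 0; fi
  "$@"
}
```

Run with DRY_RUN=1 first to confirm the quoting of the -z block before launching a real scan.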