Skip to main content
availability

Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

Configure validation scans

This document explains how to set up validation scans for your projects in Invicti AppSec. Validation scans automatically verify that known vulnerabilities no longer exist by initiating scans when issues are marked as resolved in your issue management system.

Validation scans ensure that vulnerability remediation is effective and provide confidence that security issues have been properly addressed.

Prerequisites

Before creating validation scans, ensure you have:

  • Configured issue managers for your project (refer to Configure issue managers)
  • Appropriate scanning tools configured for your project

Set up validation scans

To set up validation scans for your project:

  1. Navigate to Inventory > Projects from the left side menu.
  2. Click the project name to open the project dashboard.
  3. Select the Settings tab > Issue assignment > Automation.
  4. Use the toggle to turn on the validation scans.
  5. Specify the validation method:
    • Each time an issue gets closed: this option starts a validation scan immediately when an issue is marked as closed in your issue manager.
    • Wait until specific time of day to check if one or more issues have been closed: this option checks for closed issues at a designated time and starts validation scans accordingly. Specify the scheduled time or select Now.
  6. Click Save on the bottom of the page to activate your validation scan configuration.
tip

Consider your resource availability and response time requirements when choosing between options. "Each time an issue gets closed" provides faster feedback, while "Wait until specific time of day" is more resource-efficient for high-volume environments.

Best practices

  • Monitor validation results: Regularly review validation scan results to ensure vulnerabilities are properly remediated
  • Coordinate with development teams: Ensure teams understand the validation process and expected timelines
  • Adjust validation frequency: Modify validation settings based on your team's workflow and resolution patterns

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Last updated on
Was this page useful?