Skip to main content
availability

Package: Invicti AppSec Core (on-demand)

Use scan tags

Scan tags are free-text labels you can add to a scan configuration to identify or categorize it. A scan supports multiple tags. This document explains how to add and remove scan tags and how to use them to filter vulnerability results.

note

Scan tags are for identification only. Unlike the metadata field, scan tags don't affect how Invicti AppSec Core correlates vulnerabilities across scans.

Why this matters

When you run many scans across multiple projects, environments, and teams, it's easy to lose track of which results came from where. Scan tags give you a lightweight way to label scans with context that matters to your team - without changing how the scan runs or how vulnerabilities are tracked.

With scan tags you can:

  • Separate vulnerability results by environment (for example, filter to see only findings from staging vs production scans)
  • Group results from a specific testing effort, such as a penetration test or a sprint review
  • Quickly identify which scan produced a vulnerability when reviewing results across a project

Add scan tags

You can add scan tags when creating a new scan or when editing an existing scan configuration.

  1. Open the scan configuration.
  2. Locate the Scan tags field.
  3. Type a tag and press Enter to add it. Repeat to add more tags.
  4. Click Save.

The tags are saved with the scan configuration and applied to all results produced by that scan.

tip

Use scan tags to distinguish between environments, teams, or testing phases - for example, staging, release-1.2, or pen-test-q2.

Remove a scan tag

  1. Open the scan configuration.
  2. In the Scan tags field, click the × on the tag you want to remove.
  3. Click Save.

Filter vulnerabilities by scan tag

Once a scan with a tag has run, you can filter vulnerability results by that tag.

  1. Navigate to the vulnerabilities view for the project or product.
  2. Click Add a filter.
  3. Select Scan tag from the filter options.
  4. Choose a filter operator and enter the tag value:
OperatorWhen to use
equalsMatch the exact tag value
not equalsExclude a specific tag value
regexMatch tag values using a regular expression
not regexExclude tag values matching a regular expression
  1. Apply the filter to view only vulnerabilities from scans with that tag.

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?