LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Risk
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Technology
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Reports
    • Compliance
    • Projects
      • Penetration Testing
      • Other Projects
    • Events
      • Event Rules
      • Event Types
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page

Was this helpful?

  1. Platform
  2. Targets

Scan Policies

PreviousTargetsNextAdd-on Services

Last updated 3 months ago

Was this helpful?

For each target in your account, we offer three scan policies designed to give you flexibility. You can manage scan policies per target by going to the target settings page, or in bulk on the Targets -> page.

Scan Policies

  • Light (default) - This non-invasive scan policy includes Firewall Scanning, Technology Scanning, and Website Scanning. It is perfect for third-party managed assets and platform-hosted websites where server vulnerabilities are out of scope.

  • Standard - This scan policy includes all scans in Light, plus server vulnerability scanning to identify common vulnerabilities and exposures (CVEs).

  • Compliance - This scan policy includes all scans in the Standard policy with extra checks for PCI ASV compliance. This scan policy is required for all targets you want to use in generating ASV reports.

The Compliance scan policy is only available if you have the Compliance Reporting add-on.

List