LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Risk
    • Technology
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Reports
    • Events
      • Event Rules
      • Event Types
    • PCI Compliance
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
    • Projects
      • Penetration Testing
      • Other Projects
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Linode
      • Akamai
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page

Was this helpful?

  1. Platform
  2. Targets

Scan Policies

PreviousTargetsNextAdd-on Services

Last updated 16 days ago

Was this helpful?

For each target in your account, we offer three scan policies designed to give you flexibility. You can manage scan policies per target by going to the target settings page, or in bulk on the page.

Scan Policies

  • Light (default) - This non-invasive scan policy includes Firewall Scanning, Technology Scanning, and Website Scanning. It is perfect for third-party managed assets and platform-hosted websites where server vulnerabilities are out of scope.

  • Standard - This scan policy includes all scans in Light, plus server vulnerability scanning to identify common vulnerabilities and exposures (CVEs).

  • Compliance - This scan policy includes all scans in the Standard policy with extra checks for PCI ASV compliance. This scan policy is required for all targets you want to use in generating ASV reports.

Targets