General settings

In System > General, you can manage DerScanner settings.

System

  • Clean analysis directory — select this option so that only files with vulnerabilities are saved in the system.
  • Code highlight size — specify the value for syntax highlighting in files on the Detailed results page of a project.
  • Default locale — select the response language for API requests.
  • Size limit for uploaded files — limit the size of uploaded files, in bits.
  • Session timeout — specify the time limit after which reauthentication in the DerScanner web interface is required.
  • Pause the system — pause all active scans in the system. Scan progress will be saved.
  • Size limit for uploaded files — set a limit on the size of unpacked files, in bits.
  • Recursion — define the level of repacking that should be used for uploaded nested archives, including .zip, .jar, etc.
  • External system address — specify the IP address or domain name of the host to access the system's web interface. It is required for configuring autoscanning via a webhook, Swagger, and generating links in reports, task managers, and outgoing emails.
  • DerCodeFix — specify the IP address of the DerCodeFix module. It is required to establish a connection with the cloud infrastructure to generate AI fixes for detected vulnerabilities.

Mail

In the Mail section, you can work with the following properties:

  • Admin — specify the email addresses that will receive notifications upon scan initiation or failure.
  • Feedback — specify the email addresses that will receive system feedback.
  • From — specify the sender's email address.
  • Host — mail server host for connection.
  • Localhost — mail server domain name.
  • Password — authentication password.
  • Port — mail server port for connection.
  • SSL — mail server SSL; takes values true/false.
  • TLS start — mail server STARTTLS; takes values true/false.
  • User — authorization login.

In the Notifications section, you can manage notification preferences. Notifications for license and support subscription expiration can be customized in terms of the preferred method of display as well as the notice period and frequency.

User management

The Default roles section allows you to configure:

  • User created via API — select the role and the maximum number of available scans for a user created via REST.
  • The user synchronized from LDAP — select the role and the maximum number of available scans for a user synchronized from AD.
  • User created by a system administrator — select the role and the maximum number of available scans for a user created by the administrator.

In the Password rotation section, you can manage:

  • Password rotation — select this option to enable mandatory password rotation.
  • Password expiration (days) — specify the validity period of a password.
  • Daily password expiration notification — specify the period during which the user is notified daily of password expiration.

In the Block user after failed login attempts section, you can set up:

  • Block user after the number of login attempts is exceeded — select this option to block users who exceed the limit of unsuccessful login attempts.
  • Block period — set the block period for blocked users.
  • Login attempts limit — define the limit of unsuccessful authorization attempts.

Build agents

To add an agent:

  1. In the Build agent name field, specify the name of the agent.

  2. In the Address field, specify the agent server address.

  3. In the Port field, specify the agent port.

  4. In the Username field, specify the username used to access the build agent.

  5. In the Password field, specify the password used to access the build agent.

  6. In the Timeout (minutes) field, specify the timeout in minutes. If the build time exceeds this value, the analysis will proceed without build.

  7. Click Add to save the agent.

To check the connection to the specified agent, click Check Connection.

After the agent is added, you can use it for the analysis of your Java, Scala, and Kotlin projects. To do so:

  1. In the scan settings (Languages settings > Java, Scala, Kotlin), select the Source code (build with agent) option.

  2. Select the added agent from the list and specify the command that will be used to build the project.

After the scanning begins, the project will be sent to the agent.

Please note: The build commands specified in the DerScanner UI, along with the source code, are run in the agent's working directory by a service with the rights of the derscanner user.