Skip to content

Add targets

Targets in SolidPoint are scanned applications with a known URL and defined settings.

If you have already added targets, they will be listed on the Targets page accessible from the side navigation. The list of targets can also be opened by clicking on the card with number of targets on the Overview page.

When you first log in, the Targets page will not display any added data:

SolidPoint dashboard. No targets added

To create a target:

  1. Press New target.
  2. Fill in the target details. Enter the URL of the target. Use the tooltips to ensure you enter the URL correctly. Add a text description if necessary.
  3. Press Next to proceed to the target settings.

  4. If necessary, enable request restriction.

    Limiting the requests per second (RPS) allows you to reduce the impact of scanning on the performance of the target application. However, the higher the number of requests per second, the faster the scan will be performed. It is not recommended to change this parameter without permission from the application administrator.

  5. If required, select Use API specification. Use the hints to download the specification file.

  6. Enable authentication. The SolidPoint interface allows you to configure one or more authentication types for scanning.

    It is recommended to coordinate authentication methods with the administrator of the application being scanned.

  7. Press Next to proceed to the target setup summary.

  8. Check the data in the preview window and click Create. A new target with the specified parameters will be added to the Targets page.

    Use the context menu at the side of the page to go back to editing, run a scan, or delete a target.

Authentication types

The SolidPoint interface supports the following authentication methods for web applications:

  • Cookie. Uses a unique identifier that is sent from the server to the user's web browser.
  • Custom Header. A token or set of credentials are used for authentication.
  • HTTP Basic Auth. Authentication is performed by a username and password.
  • Local Storage. This type of authentication relies on access tokens from the browser's local storage.
  • TLS client certificate. Authentication using a client certificate and a digital key. The TLS protocol is used to establish an encrypted network connection.

For more information see Authentication in scanned applications.