Webscan max scan duration

mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.

https://mercedes-benz.github.io/sechub/

MIT License

273 stars 66 forks source link

Webscan max scan duration #455

Closed Jeeppler closed 3 years ago

Jeeppler commented 4 years ago

Webscans can take a very long time. They can take from minutes, to hours, to days. One should be able to set a max scan duration as parameter for every job.

{
    "apiVersion": "1.0",
    "webScan": {
        "uris": [
            "https://productfailure.demo.example.org"
        ],
        maxScanDuration: "1"
    }
}

Netsparker already has a parameter to set the max scan duration. By default Netsparker sets the max scan duration to 48 hours. The minimum is 1 hour.

^{Jeremias Eppler jeremias.eppler@daimler.com, Daimler TSS GmbH, imprint}

de-jcup commented 4 years ago

Good idea. I would appreciate to use here time unit object also as described at https://github.com/Daimler/sechub/issues/440#issuecomment-728994530

de-jcup commented 3 years ago

We support millisecond, second, minute, hour, day - also in plural (e.g. days)

Here a final result example (using hour)

{
    "apiVersion": "1.0",
    "webScan": {
        "uris": [
            "https://productfailure.demo.example.org"
        ],
        "maxScanDuration": {
            "duration" : 1,
            "unit" : "hour"
        }
    }
}