Assessment Settings in Tenable Web App Scanning Scans

Assessment settings specify which web application elements you want the scanner to audit as it crawls your URLs.

DOM Element Exclusion

DOM element exclusions prevent scans from interacting with specific page elements and their children. This setting is available for Scan, Overview, and PCI scan templates.

Note: When the scanner decides whether to exclude an element based on an attribute value, it performs an equality check. For example, if you exclude elements with the CSS class foo, the scanner excludes an element that has class="foo", but not an element that has class="foo bar".

You can add exclusions by clicking the add button and selecting Text Contents or CSS Attribute.

Setting: Text Contents
Default: None
Description: Excludes elements based on text contents. For example, if you want to prevent the scanner from clicking a logout button named Log Out, you could match the text Log Out.

Setting: CSS Attribute
Default: None
Description: Excludes elements based on a CSS attribute key-value pair. For example, if you want to prevent the scanner from interacting with a form that contains the CSS attribute key-value pair id="logout", type id for the key and logout for the value.
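
The equality check from the note above and the id="logout" example can be modeled offline to preview what a CSS Attribute exclusion would cover before a scan runs. This is an added example, not Tenable code: the audit function, the near-miss report, and the sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Void elements never get a closing tag, so they are not pushed on the stack.
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}

class ExclusionAudit(HTMLParser):
    """Model of the documented rule: an element is excluded when its attribute
    value equals the rule value exactly, and its children go with it."""

    def __init__(self, key, value):
        super().__init__()
        self.key, self.value = key, value
        self.stack = []        # one flag per open element: inside an excluded subtree?
        self.excluded = []     # exact matches and their children
        self.near_misses = []  # value is only one token of the attribute: NOT excluded

    def handle_starttag(self, tag, attrs):
        actual = dict(attrs).get(self.key)
        label = f'<{tag} {self.key}="{actual}">' if actual is not None else f"<{tag}>"
        inside = bool(self.stack and self.stack[-1])
        matched = actual == self.value  # equality, not a class-token match
        if matched or inside:
            self.excluded.append(label)
        elif actual is not None and self.value in actual.split():
            self.near_misses.append(label)
        if tag not in VOID:
            self.stack.append(matched or inside)

    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()

def audit(html, key, value):
    """Return (excluded, near_misses) for one key/value exclusion rule."""
    parser = ExclusionAudit(key, value)
    parser.feed(html)
    parser.close()
    return parser.excluded, parser.near_misses

# Constructed sample page, not taken from a real application.
SAMPLE = """
<nav>
  <form id="logout"><button class="btn">Log Out</button></form>
  <a class="foo" href="/a">A</a>
  <a class="foo bar" href="/b">B</a>
</nav>
"""

if __name__ == "__main__":
    print(audit(SAMPLE, "class", "foo"))
    print(audit(SAMPLE, "id", "logout"))
```

Any element reported as a near miss needs its own rule with the full attribute value (for example, foo bar) if it should also be excluded.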