Hello. I am new to using Fortify WebInspect and need some guidance (if available) on conducting a basic scan of an application in Dynamics 365.
I can't get the login macro to record properly (and WebInspect won't allow me to use the good macro recorded with the Web Proxy tool). The macro still saves and the scan continues. But the scan never stops (runs for 10 hour until I force it to stop).
I have tried running both a Basic Scan and a Guided Scan with no success. Are there any special settings I can or should set to get the scan to stop looping through the site tree in Dynamics 365?
To prevent identical, dynamic folders from being added to the scan length, yet include some variants (1 through 13) in the scan for security coverage. If directories are all of the form: "/psp/ps_1/", "/psp/ps_2/", "/psp/ps_44/", et al.
excluded URL = /psp/ps_([4-9])|([2-9][0-9])/
version for also excluding 3-digit folders = /psp/ps_(([4-9])|([2-9][0-9])|(/d/d/d))/
Regex = \/products\/(?!\wa)\w\w\/
Scenario: This is specific to these this /products/ folder structure. It will cause all of them to be omitted by WebInspect, except for those folder names with the letter "a" in the second position. I chose "a" arbitrarily, but you could alter this easily by replacing the "a" character in the regex with your desired character.