Activate your modules
One checklist that takes your organization from the first scan to every purchased module running, with the portal path and the verification step for each.
Your first scan proves the platform works. This page covers everything after that: each WASViking® module, where to turn it on, and how to confirm it is producing results. Work top to bottom; every row links to the page with the full detail.
You need the Admin role for most of the steps below. Module availability depends on your plan; anything your plan does not include appears locked in the portal.
Runs on every scan, nothing to switch on
These capabilities are part of the scan engine itself. If your first scan completed, they are already active.
| Module | Where results appear | Detail |
|---|---|---|
| External DAST | Findings and the scan report. | External DAST |
| Modern API Security (GraphQL, SOAP, WebSocket, JWT) | Findings, when the scan profile covers APIs. | Modern API Security |
| Out-of-Band Validation (OAST) | Inventory → Out-of-Band (OAST), plus the findings it confirms. | Out-of-Band Validation |
| Component detection (cloud side) | Inventory → Software Bill of Materials. | Software Supply Chain |
| Sensitive port baseline | Findings, category exposed_port. |
Sensitive Port Monitoring |
| Exploit Paths | Exploit Paths page, once findings exist. | Exploit Path Graph |
| Compliance mapping | The Compliance tab on every scan report. | Framework mapping |
To widen API coverage, pick the right scan profile (api_jwt for
REST, GraphQL, and JWT work; soap for SOAP services) and attach your
OpenAPI or WSDL document to the target. See
Scan profiles and templates.
Switch on per asset or per domain
| Module | Turn it on | Confirm it works |
|---|---|---|
| Certificate Monitoring | Assets Inventory → Add New Asset (or edit an existing asset) and toggle Monitor SSL. Alert thresholds live under Settings → System Settings → Notifications & Alerts. | The asset appears under Certificates → Certificate Monitoring with a Last Checked timestamp. Detail |
| Exposure Intelligence | Settings → System Settings → Add Monitored Domain, then complete the consent checkboxes and the DNS TXT verification. | The domain shows as verified and matches surface under Cyber Risk → Exposure Intelligence. Detail |
| Edge Threat Radar | Connect your Cloudflare zone following the Cloudflare integration guide. | Events appear on the Edge Intelligence dashboard within a few polling cycles. Detail |
| Custom sensitive ports | Settings → System Settings → Notifications & Alerts, add your ports to the monitored list. | The next scan raises findings for any of those ports found open. Detail |
Deploy something on your side
These modules need a component running inside your environment.
| Module | Turn it on | Confirm it works |
|---|---|---|
| Internal scanning (Sentinel agent) | Register an agent in the portal and install it on a host that can reach your internal targets. Follow WASViking Sentinel Tunnel. | The agent shows Active on the Sentinel Agents page, and an internal target scan completes. Detail |
| SBOM from your repositories | Run wasviking-sentinel sbom against your projects and submit. |
Submissions appear under Inventory → Software Bill of Materials. |
| Hard-coded secrets on disk | Run wasviking-sentinel secrets against your repositories. |
Submissions appear under Inventory → Secrets, with verified-live flags where applicable. Detail |
| CI/CD gates (DAST, SCA, secrets) | Add the binary to your pipeline. Start from wasviking-sentinel in CI/CD, or use the GitHub recipes for DAST and SCA, SBOM and secrets. | The pipeline run exits with the documented gate codes and the results land in the portal. |
| AI Guardian on employee devices | Follow Set up WASViking AI Guardian: enable the feature, mint the install key, run the installer per device. | Devices report under Cyber Risk → AI Guardian and a test event is classified. Detail |
Watch what you shipped
Once SBOMs are flowing, two supply chain layers start working for you.
| Module | Turn it on | Confirm it works |
|---|---|---|
| Supply Chain Intel | Nothing to configure. Every submitted SBOM is re-checked daily against new advisories (Pro plan and above). | Matches appear under Inventory → Supply Chain Intel. Detail |
| Supply-chain IOC | Inventory → SBOM → Supply-chain IOC: enter an indicator, dry-run, then apply. | The dry-run preview lists affected components before any finding is created. Detail |
Automate the operation
| What | Where | Detail |
|---|---|---|
| Alert routing | Create channels first: Slack, Teams, email, or webhook. | Notification Channels |
| Recurring scans | Scans → Scan Schedules: pick a target, a template, and a cadence. | Scan Schedules |
| Autonomous planning | Scans → AI Scan Planner: turn on the Enabled toggle and review the daily decisions. | AI Scan Planner |
| Ticketing | Connect Jira for two-way finding sync. | Jira |
| SIEM and automation | Ship events to your SIEM or your own consumers. | SIEM, Webhooks |
| Single sign-on | Enforce your identity provider for portal access. | SAML 2.0 SSO |
Prove it
When an auditor, a customer, or a prospect asks for evidence, three surfaces answer without giving anyone portal access:
- The Compliance tab and PDF report per scan, mapped across PCI DSS, LGPD, GDPR, BACEN, and ISO 27001. See Framework mapping.
- A read-only snapshot of your posture via a Posture Share. The click-by-click flow is in Posture Shares; the recipient visibility contract lives in the reference page.
- A signed, verifiable SBOM Evidence Bundle. The click-by-click flow is in SBOM Evidence Bundles; the package contents and verification live in SBOM Evidence Bundle.
Where next
- Scanning behind a login: Authenticated scanning.
- Understanding scores and SLAs: Findings and Risk Score.
- Automating over the REST API: Authentication.
