Skip to main content

About Scan Profiles

A scan profile is a set of scan settings that are grouped together and then applied at scan time. A given project is associated with a scan profile by default, but the Project Administrator can assign the project to a different scan profile at any time, as described in “Applying a Scan Profile to the Project” in the “Using Code Insight” chapter in the Code User Guide.

Code Insight provides the following standard (pre-defined) scan profiles. You can modify these profiles (with the exception of the Standard Scan Profile) and assign them to projects. (See Description of the Scan Profile Settings for the default settings used by each of these profiles.)

  • Basic Scan Profile (without CL)—Defines a scan that uses Automated Analysis to detect evidence of open-source software (OSS) and third-party code in your codebase and generate an inventory of the findings. This scan does not perform exact-file or source-code matching and therefore does not use the Compliance Library (CL).

  • Standard Scan Profile—Defines a scan that includes the basic scan features but also performs exact-file matching (that is, identifies codebase files that have an exact MD5 match in the CL). This scan requires the CL.

    note

    This scan profile cannot be modified. Its settings are used as the template when creating a scan profile.

  • Comprehensive Scan Profile—Defines a scan that includes the basic scan features but also performs exact-file and source-code matching. (Source-code matches are strings in the codebase files that have an exact match to content in files in the CL). This scan requires the CL.

In most cases, the standard scan profiles are enough to get started. However, if they do not meet your needs, you can create your own custom scan profiles.