Run First Scan

Previous Next

Once you have at least one verified asset, you can launch a vulnerability scan. This guide walks you through running your first scan and understanding the initial results.

Before You Begin

Make sure you have:

  • At least one asset added and verified (see Add Your First Asset).
  • Appropriate permissions (Team admin or a privileged account).

Starting a Scan

1. Navigate to Guided Scan

In the left sidebar, go to Scans > Start > Guided to open the guided scan wizard.

2. Select Scan Type

Choose one of the available scan types:

Scan Type Description
Single Scan Targeted scan for a specific URL, IP, or domain using a single tool.
Full Scan Comprehensive security check including OWASP Top 10 on your verified assets.
Light Scan Quick and limited security check for rapid insights.
Crawl Only AI-powered web crawling to map your web structure without vulnerability detection.

Tip

For your first scan, start with a Light Scan to get fast results. You can run a Full Scan afterward for deeper coverage.

3. Select Your Asset

Pick your verified asset from the Select Asset dropdown. Only verified assets are available for Full Scan, Light Scan, and Crawl Only.

For Single Scan, you can enter any URL, IP, or domain directly without requiring a verified asset.

4. Select Scan Tools

Browse the scan tool library and select the tools you want to run. You can filter by Category, Target Type, Severity, Scan Type, Permission, and Status to narrow down the list.

5. Start the Scan

Click Next to start. The scan will be queued and begin processing shortly.

Monitoring Progress

After starting a scan, you can monitor its progress from the Activities section in the left sidebar:

  • Continuous Activities -- View scans that are running on a recurring schedule or as part of an ongoing monitoring workflow.
  • Manual Activities -- View scans that were manually triggered, including the scan you just started.

Each activity entry shows the current state (Queued, Running, Completed, or Failed) along with progress details and any findings discovered so far.

Reviewing Results

When the scan completes:

  1. Go to Activities > Manual Activities in the left sidebar.
  2. Use the tabs at the top (Full Scan, Light Scan, Single Scan, Crawl Only) to filter by scan type. You can also filter by Asset, Tags, Status, and Date.
  3. Click on a scan entry to open the Scan Result page. This page shows:
    • Status -- Whether the scan finished successfully or encountered an error.
    • Activity Logs -- A timeline of scan stages (e.g., "Full Scan has been started", "Crawler has been triggered", "Fuzzer has been finished").
    • Scans -- Total number of finished scans.
    • Crawler -- Number of discovered URLs and ports.
    • Reports -- Number of generated reports.
  4. Click Show Result in the top-right corner to view the detailed findings.

Note

First-time scans may take longer than subsequent scans because S4E builds an initial profile of your asset. Follow-up scans are typically faster due to caching and incremental analysis.

What's Next?

  • Explore the Dashboard for a holistic view of your security posture.
  • Learn about Scan Types to choose the right approach for ongoing monitoring.
  • Review Understanding Findings to learn how to interpret and act on results.
Add First Asset Dashboard Overview