Home
Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
Project Administration
Management and configuration tasks that Seeker administrators can perform for projects.
Configure Project Settings
To customize Seeker's behavior for a project, configure various project settings.

Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
- System Administration
  Seeker provides a set of tools that enable administrators to configure, customize, and fine-tune various features and capabilities of the system, as well as integrate external tools.
- User Administration
  Introduces the Seeker role-based access control (RBAC) concept, and outlines the user administration tasks.
- Project Administration
  Management and configuration tasks that Seeker administrators can perform for projects.
  - Add a Project
    To start monitoring an application, add a project, and activate it by connecting an Agent.
  - Edit a Project
    Edit project properties.
  - Manage a Project
    Perform project managements tasks, such as delete a project, create a project template, and manage a composite project.
  - Manage Project Membership
    Control access to project-related operations by managing project membership.
  - Configure Project Settings
    To customize Seeker's behavior for a project, configure various project settings.
    - Configure Vulnerability Checkers
      Review the vulnerability checkers available in Seeker, and manage specific checkers for a project or a project template.
    - Assign Compliance Policies to Projects
      To monitor project compliance with a policy, assign it to a project or a project template.
    - Configure Bug Tracking Integration
      Seeker seamlessly integrates with the QA workflows by delivering vulnerability detections directly to your bug tracking system.
    - Configure Sensitive Data
      To improve the protection of sensitive data, configure sensitive parameter matchers that determine whether or not a request contains sensitive data and should be checked for related vulnerabilities.
    - Configure Vulnerability Views
      Customize the display of data in the project dashboards by using predefined views.
    - Configure Code Exclusion
      To prevent the Agents from instrumenting certain parts of your application code, configure patterns to exclude these code parts. This can be handy when you experience problems with your application performance.
    - Configure Custom and Third-Party Code
      Instruct Seeker to differentiate between your application custom code and third-party code for the purposes of security testing by configuring code inclusion and exclusion patterns.
    - Configure Sanitizers and Validators
      Seeker detects unsafe (potentially malicious) data passed in user input. If your application sanitizes or validates such input on its own, you can instruct Seeker to consider it safe and ignore the related vulnerabilities.
    - Configure Custom Data Flow Methods
      Instruct the Java Agent to monitor custom data flow methods in your application by configuring them in an external file.
  - Configure Project Features
    Customize the way Seeker handles a project by configuring its various features.
- Maintenance
  To ensure your Seeker system's health, perform periodic maintenance tasks.
- Using APIs
  Seeker provides a set of Web (REST) APIs that expose its basic functionality. You can use these APIs to automate various administration tasks, such as managing projects, exporting vulnerabilities or creating a diagnostic dump.
- Appendix A. Seeker Environment Variables
  Seeker uses a number of operating system (OS) environment variables and Java Virtual Machine (JVM) properties that administrators can configure to customize and fine-tune the behavior of Seeker server and Agents.

Configure Project Settings

To customize Seeker's behavior for a project, configure various project settings.

The following tasks apply only to regular projects.

The following tasks apply to both regular and composite projects.

Configure Project Features

Automation with APIs

You can automate some of these tasks by using Seeker APIs. For the detailed API reference, click (Web API) in the main menu.

/api/{ver}/projects POST: Creates a new project with the specified properties. You can also use this operation to copy any of the configurations of an existing source project to the new project by specifying the sourceProjectKey parameter and true values for the configurations that you want to copy, such as logLevel or codeExclusion.
/api/{ver}/projects PUT: Updates the configurations of multiple target projects by any of the configurations of a source project. You need to specify the sourceProjectKey and targetProjectKeys parameters, and true values for the configurations that you want to copy, such as logLevel or codeExclusion.
Tip: If you need to define multiple projects, a good practice is to create and configure a template project, and then use this operation to copy its configurations to other projects in a batch.