Home
Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
Project Administration
Management and configuration tasks that Seeker administrators can perform for projects.
Configure Project Features
Customize the way Seeker handles a project by configuring its various features.
Configure Software Composition Analysis
Seeker integrates the composition analysis tools BDBA® and BDBA® (BDBA).

Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
- System Administration
  Seeker provides a set of tools that enable administrators to configure, customize, and fine-tune various features and capabilities of the system, as well as integrate external tools.
- User Administration
  Introduces the Seeker role-based access control (RBAC) concept, and outlines the user administration tasks.
- Project Administration
  Management and configuration tasks that Seeker administrators can perform for projects.
  - Add a Project
    To start monitoring an application, add a project, and activate it by connecting an Agent.
  - Edit a Project
    Edit project properties.
  - Manage a Project
    Perform project managements tasks, such as delete a project, create a project template, and manage a composite project.
  - Manage Project Membership
    Control access to project-related operations by managing project membership.
  - Configure Project Settings
    To customize Seeker's behavior for a project, configure various project settings.
  - Configure Project Features
    Customize the way Seeker handles a project by configuring its various features.
    - Configure Active Verification
      Define how to apply Active Verification to the requests generated by an application.
    - Configure Authentication Validation
      Authentication validation can discover API endpoints that do not perform an authentication check.
    - Configure Active Inspection
      Instruct Seeker to actively discover and inspect unused and empty request parameters using unsafe content, as well as untested endpoints and APIs.
    - Configure Cross-Project Analysis
      Seeker enhances data flow analysis by an ability to track unsafe data across projects.
    - Configure Data Flow Map
      Enable Seeker users to explore their application's real-time interactions with other resources, such as databases and internal or external services.
    - Configure Endpoint Discovery
      Enable Seeker to discover all the declared and visited inbound endpoints in applications, such as APIs and application pages, to present a visual overview of their test coverage on the Endpoint Risk page.
    - Configure Project Version Management
      Project version management enables Seeker to automatically detect the application version and assign the detected vulnerabilities to this version.
    - Configure Tracking Unsafe Data from External APIs
      Applications often trust data received from external APIs without validating their safety. Seeker helps you ensure the safe consumption of external APIs by treating their responses as unsafe data.
    - Configure Maximum Connected Agents
      Optimize your application performance by limiting the number of simultaneously connected Agents.
    - Configure Stack Trace Capturing
      Optimize your application performance by configuring the capturing of data flow stack traces for vulnerability detections in a project.
    - Configure Sampling
      Configure how the Agents should monitor identical requests.
    - Configure Suspending Agent on High Resource Usage
      Safeguard your application performance by automatically suspending Agent operation on high CPU/memory usage.
    - Configure Activity Monitoring
      Configure Seeker to monitor application activities.
    - Configure Automatic Project Creation in Composite Projects
      Enable the feature of automatic creation of regular projects within composite projects.
    - Configure Project Membership Inheritance in Composite Projects
      Facilitate user administration for composite projects.
    - Configure Software Composition Analysis
      Seeker integrates the composition analysis tools BDBA® and BDBA® (BDBA).
    - Configure Rapid Scan Static
      Configure Seeker to run Rapid Scan Static powered by the Sigma engine.
- Maintenance
  To ensure your Seeker system's health, perform periodic maintenance tasks.
- Using APIs
  Seeker provides a set of Web (REST) APIs that expose its basic functionality. You can use these APIs to automate various administration tasks, such as managing projects, exporting vulnerabilities or creating a diagnostic dump.
- Appendix A. Seeker Environment Variables
  Seeker uses a number of operating system (OS) environment variables and Java Virtual Machine (JVM) properties that administrators can configure to customize and fine-tune the behavior of Seeker server and Agents.

Configure Software Composition Analysis

Seeker integrates the composition analysis tools BDBA® and BDBA® (BDBA).

Software Composition Analysis (SCA) tools enable organizations to audit open-source software compliance, detect vulnerabilities in, and achieve governance over third-party and open source code.

You can choose which of the tools to use for SCA on a per project basis.

Prerequisites: You have configured integration with the tool(s) that you want to use.

For instructions, see Configure Black Duck and Install and Configure Black Duck Binary Analysis.

In the main menu, click (Projects) and open a project that you want to configure.
Click Features, and scroll down to the Others section.
Toggle on the Enabled switch for Software Composition Analysis (SCA).
Click Configure.
From the SCA tool dropdown list, choose the tool that you want to use for the current project or project template.
Click Save.

Results: If you have chosen Black Duck, you will see more detailed information for Vulnerable Component (SCA) detections in the vulnerability details page, and will be able to access the SCA results from Black Duck via a direct link from that page.