Home
Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
Project Administration
Management and configuration tasks that Seeker administrators can perform for projects.
Configure Project Settings
To customize Seeker's behavior for a project, configure various project settings.
Configure Sensitive Data
To improve the protection of sensitive data, configure sensitive parameter matchers that determine whether or not a request contains sensitive data and should be checked for related vulnerabilities.

Administration Guide
Administration, configuration, and management tasks needed for the optimal use of Seeker
- System Administration
  Seeker provides a set of tools that enable administrators to configure, customize, and fine-tune various features and capabilities of the system, as well as integrate external tools.
- User Administration
  Introduces the Seeker role-based access control (RBAC) concept, and outlines the user administration tasks.
- Project Administration
  Management and configuration tasks that Seeker administrators can perform for projects.
  - Add a Project
    To start monitoring an application, add a project, and activate it by connecting an Agent.
  - Edit a Project
    Edit project properties.
  - Manage a Project
    Perform project managements tasks, such as delete a project, create a project template, and manage a composite project.
  - Manage Project Membership
    Control access to project-related operations by managing project membership.
  - Configure Project Settings
    To customize Seeker's behavior for a project, configure various project settings.
    - Configure Vulnerability Checkers
      Review the vulnerability checkers available in Seeker, and manage specific checkers for a project or a project template.
    - Assign Compliance Policies to Projects
      To monitor project compliance with a policy, assign it to a project or a project template.
    - Configure Bug Tracking Integration
      Seeker seamlessly integrates with the QA workflows by delivering vulnerability detections directly to your bug tracking system.
    - Configure Sensitive Data
      To improve the protection of sensitive data, configure sensitive parameter matchers that determine whether or not a request contains sensitive data and should be checked for related vulnerabilities.
    - Configure Vulnerability Views
      Customize the display of data in the project dashboards by using predefined views.
    - Configure Code Exclusion
      To prevent the Agents from instrumenting certain parts of your application code, configure patterns to exclude these code parts. This can be handy when you experience problems with your application performance.
    - Configure Custom and Third-Party Code
      Instruct Seeker to differentiate between your application custom code and third-party code for the purposes of security testing by configuring code inclusion and exclusion patterns.
    - Configure Sanitizers and Validators
      Seeker detects unsafe (potentially malicious) data passed in user input. If your application sanitizes or validates such input on its own, you can instruct Seeker to consider it safe and ignore the related vulnerabilities.
    - Configure Custom Data Flow Methods
      Instruct the Java Agent to monitor custom data flow methods in your application by configuring them in an external file.
  - Configure Project Features
    Customize the way Seeker handles a project by configuring its various features.
- Maintenance
  To ensure your Seeker system's health, perform periodic maintenance tasks.
- Using APIs
  Seeker provides a set of Web (REST) APIs that expose its basic functionality. You can use these APIs to automate various administration tasks, such as managing projects, exporting vulnerabilities or creating a diagnostic dump.
- Appendix A. Seeker Environment Variables
  Seeker uses a number of operating system (OS) environment variables and Java Virtual Machine (JVM) properties that administrators can configure to customize and fine-tune the behavior of Seeker server and Agents.

Configure Sensitive Data

To improve the protection of sensitive data, configure sensitive parameter matchers that determine whether or not a request contains sensitive data and should be checked for related vulnerabilities.

These matchers are defined by the parameter names and types, the patterns of names, values or URLs in which they are passed.

In the main menu, click (Projects) and open a project that you want to configure.
Click Sensitive Data.
A list of currently defined sensitive parameter matchers is displayed.
You can filter the list by the matcher type and literal parameter name, value, and URL. Filtering works only as exact match of the literals with the defined patterns.

Tip: Seeker supplies several predefined common parameter/header name and value pattern matchers such as authentication token, credit card, password, and more. You can enable or disable any of these matchers as required.
To add a new matcher, click +Add sensitive parameter matcher. To edit an existing matcher, click the Edit button in its row.

Enter the following properties:

Property	Description
Name	Name of the matcher.
Type	Select the type of sensitive parameter matching: Match to any supported user-input type (default) Restrict to HTTP body or query parameters Restrict to HTTP headers
Parameter name pattern	Enter a regex pattern for parameter names, for example,`(.password.)\|(.passphrase.)\|(.passwd.)\|(.username.)`. A regex matching any string is `.*`).
Parameter value pattern	Enter a regex pattern for parameter values, for example, `(\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,6}\b)`.
URL pattern	Enter a regex pattern for URLs.
Mask parameter value	Select this option to protect sensitive data, such as passwords. If selected, the sensitive parameter values in a matching vulnerability detection will not be displayed in the UI.

Save your changes.