14Tem
Web app vulnerability scanning: how many URLs to check?
Scanning all of spidered URLs with a tool such as OWASP Zap can be computationally expensive on large apps. Have there been any studies on the adequate number of URLs (just the unique resources) to scan to have, let's say, 95% confidence level about the test's accuracy? I often deliberately exclude large chunks of spidered URLs in my tests for efficiency, but would like to hear from others to see if any kind of methodic approach has been invented.
