Scans
Overview
Scans capture when a security check ran, what target it evaluated, and the resulting status. In Openlane, scans provide traceable evidence that monitoring and review activities are happening on schedule.
Scan records are typically related to the asset or vendor being scanned, along with uploaded evidence or files from that run. Downstream records such as vulnerabilities and findings can then reference the scan as their source.
Compliance Significance
- SOC 2: CC7 monitoring expectations
- ISO 27001: operational monitoring and technical review evidence
Practical Examples
- A security team records monthly domain and vulnerability scans, then links outcomes to follow-up tasks.
- A GRC lead uses scan history to demonstrate control operation during audit interviews.
Examples
- CSV
- GraphQL
- Go Client
- CLI
| Operation | API |
|---|---|
| Create | createBulkCSVScan |
| Update | updateBulkCSVScan |
# Create
Target,ScanType,Status,ScanDate,PerformedBy
api.acme.io,DOMAIN,COMPLETED,2026-02-01T01:00:00Z,Security Automation
vendor-security-review,VENDOR,PROCESSING,2026-02-05T15:00:00Z,GRC Team
# Update
ID,Status,ScanDate,NextScanRunAt,PerformedBy
SCN01J9SCAN11111111111111,COMPLETED,2026-02-10T02:00:00Z,2026-03-10T02:00:00Z,Security Automation
SCN01J9SCAN22222222222222,FAILED,2026-02-10T02:10:00Z,2026-02-11T02:00:00Z,Security Automation
| Operation | Mutation |
|---|---|
| Create | createScan |
| Update | updateScan |
mutation {
createScan(
input: {
target: "api.acme.io"
scanType: DOMAIN
performedBy: "Security Automation"
}
) {
scan {
id
target
}
}
}
mutation {
updateScan(
id: "SCN01J9SCAN11111111111111"
input: {
target: "api.acme.io"
assignedTo: "Security Automation"
}
) {
scan {
id
target
}
}
}
| Operation | Method |
|---|---|
| Create | client.CreateScan(ctx, input) |
| Update | client.UpdateScan(ctx, id, input) |
ctx := context.Background()
performedBy := "Security Automation"
_, err := client.CreateScan(ctx, graphclient.CreateScanInput{
Target: "api.acme.io",
PerformedBy: &performedBy,
})
if err != nil {
return err
}
assignedTo := "Security Automation"
_, err = client.UpdateScan(ctx, "SCN01J9SCAN11111111111111", graphclient.UpdateScanInput{
AssignedTo: &assignedTo,
})
if err != nil {
return err
}
| Operation | Command |
|---|---|
| Create | openlane scan create |
| Update | openlane scan update |
openlane scan create \
--target "api.acme.io" \
--type DOMAIN \
--assigned-to "Security Automation"
openlane scan update \
--id "SCN01J9SCAN11111111111111" \
--status COMPLETED