Map Application and Detection Response (ADR) rules to Assess findings

Contrast can associate Assess findings with ADR rules. Doing so helps you make intelligent decisions about how to triage vulnerabilities.

This workflow illustrates how to get the best results from this association.

Before you begin

  • If role-based access control is turned on, you need a role with these actions: Access protect and View applications.

  • If you are using organization users and groups, you need an Organization Admin role.

  • If you select the Group by sink option on the Vulnerabilities list, no ADR rule status is displayed if a vulnerability group includes multiple applications, as different applications may be configured differently.

Configure ADR rules

Configure the mode and environment for the ADR (Protect) rules that you want to use:

  1. Under the user menu, select Policy management.

  2. Select Protect rules.

  3. Select Configure the default policy at the top of the list.

  4. Change the mode for specific rules to Block or Monitor.

Configure rule mapping

Choose the environment to which the rule mode applies:

  1. Under the user menu, select Organization settings.

  2. Select Applications.

  3. Under Map Protect rules to Assess finding, select an environment.

    The default setting is Production.

    Contrast applies the mode you configured for the mapped ADR rules to the selected environment.

Determine actions to take

  1. Exercise your application.

    As Contrast detects vulnerabilities, it displays them on the Vulnerabilities list. The Protected in environment column indicates the mode for the ADR rule mapped to each vulnerability. The column refers to the rule setting in the Contrast web interface.

    A case could exist where a specific agent is misconfigured to set Protect to Off. In this case, that server won't be protected until Protect is configured to On.

  2. Take action:
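The triage logic this workflow describes can be modelled in a few lines, which makes the two caveats above easier to reason about: the Protected in environment column reflects the rule mode set in the web interface, not what a misconfigured agent actually enforces, and a Group by sink group that spans several applications gets no status at all. The following Python is an added example, not Contrast's own code or API; the application names, server names, rule ids, sink ids, policy table and priority heuristic are all constructed sample data.

```python
from dataclasses import dataclass

# Hypothetical data model for the triage view described on the page. None of
# these names are Contrast's own; applications, servers, rule ids and sink ids
# are constructed sample data.


@dataclass(frozen=True)
class Finding:
    app: str      # application the Assess finding was reported for
    server: str   # server (agent instance) the finding was observed on
    rule: str     # ADR (Protect) rule mapped to this finding (constructed id)
    sink: str     # sink identifier used by "Group by sink" (constructed id)


# Constructed Protect policy: application -> environment -> rule -> mode.
# Modes follow the page ("Block", "Monitor"); a rule absent from the policy is
# treated as "Off" here, which is an assumption of this example.
POLICY = {
    "web-store":   {"Production": {"sql-injection": "Block", "xss": "Monitor"}},
    "api-gateway": {"Production": {"sql-injection": "Monitor", "xss": "Block"}},
}

# Constructed per-server agent state. prod-web-2 models the misconfiguration
# the page warns about: Protect switched off on one agent.
AGENT_PROTECT_ON = {"prod-web-1": True, "prod-web-2": False, "prod-api-1": True}

# Environment selected under "Map Protect rules to Assess finding" (page default).
MAPPED_ENV = "Production"

# Assumed triage heuristic, not from the page: a blocked finding can be fixed on
# the normal schedule, a monitored one sooner, an unprotected one first.
PRIORITY = {"Block": "low", "Monitor": "medium", "Off": "high"}


def rule_mode(finding, policy=POLICY, env=MAPPED_ENV):
    """Mode shown in the 'Protected in environment' column for this finding."""
    return policy.get(finding.app, {}).get(env, {}).get(finding.rule, "Off")


def effective_mode(finding, policy=POLICY, agent_on=AGENT_PROTECT_ON, env=MAPPED_ENV):
    """Mode actually in force on the server. The column reflects the web UI
    policy, but an agent with Protect set to Off enforces nothing."""
    if not agent_on.get(finding.server, False):
        return "Off"
    return rule_mode(finding, policy, env)


def triage(finding, policy=POLICY, agent_on=AGENT_PROTECT_ON, env=MAPPED_ENV):
    """Combine the displayed and effective modes into one triage record."""
    displayed = rule_mode(finding, policy, env)
    effective = effective_mode(finding, policy, agent_on, env)
    return {
        "displayed": displayed,
        "effective": effective,
        # True when the UI says the rule is active but the agent is not enforcing it
        "agent_misconfigured": displayed != "Off" and effective == "Off",
        "priority": PRIORITY[effective],
    }


def group_by_sink_status(findings, policy=POLICY, env=MAPPED_ENV):
    """Status per sink group. As the page states, a group that spans several
    applications gets no status (None) because their policies may differ."""
    groups = {}
    for f in findings:
        groups.setdefault(f.sink, []).append(f)
    status = {}
    for sink, members in groups.items():
        apps = {m.app for m in members}
        status[sink] = rule_mode(members[0], policy, env) if len(apps) == 1 else None
    return status


# Constructed sample findings: the same sink seen from two servers of one
# application, and a second sink shared by two applications.
SAMPLE_FINDINGS = [
    Finding("web-store",   "prod-web-1", "sql-injection", "jdbc:executeQuery"),
    Finding("web-store",   "prod-web-2", "sql-injection", "jdbc:executeQuery"),
    Finding("api-gateway", "prod-api-1", "xss",           "response:write"),
    Finding("web-store",   "prod-web-1", "xss",           "response:write"),
]

if __name__ == "__main__":
    for f in SAMPLE_FINDINGS:
        print(f.app, f.server, f.rule, triage(f))
    print(group_by_sink_status(SAMPLE_FINDINGS))
```

Running the block shows the second finding flagged as `agent_misconfigured` with high priority even though the column would display Block, and the `response:write` group reporting no status because it mixes two applications. Checking the agent state alongside the displayed mode is the practical point: the column alone is not enough to conclude a server is protected.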