Track vulnerabilities

If you are using a bugtracker integration, you can track vulnerabilities in multiple ways:

  • Send vulnerability data to other members of your organization.

  • Plan and maintain timely patching to prevent attacks.

  • Streamline workflows by sending vulnerability information directly to your bugtracking tool.

  • Receive notifications of any new high or critical vulnerabilities in your application.

Before you begin

Be sure Contrast is integrated with at least one bugtracker tool.

Steps
  1. Select Vulnerabilities in the header.

  2. To track a single vulnerability, jover over the end of the row for the vulnerability you want to track.

  3. In the far right column, select the Send icon.

    This option is also available from the vulnerability details page.

    SendVuln.png
  4. To track multiple vulnerabilities:

    1. Select the check marks next to each vulnerability you want to track.

    2. In the batch action menu at the bottom of the page, select the Send Vulnerablity icon (SendIcon.png. ).

    3. Select Send to bugtracker.

      You can also choose to send the tracking data by email.

  5. In the Send vulnerability window, select the bugtracker tool you want to use from the dropdown (if you are integrated with multiple tools), add any related information, and select Send.

    The vulnerability status updates automatically to Reported and an arrow icon displays next to the status of the vulnerability. Hover over the arrow for more information, including the bugtracker name and corresponding ticket numbers.

    This image shows the status of Reported after you send a vulnerability to a bugtracker
  6. To quickly see which vulnerabilities are tracked, use the filter in the Status column, and select Being tracked.

    Image shows the Being tracked filter

Tip

You can also export vulnerability data to a CSV or XML file for custom processing, or use the API to gather data outside the web interface.