Track vulnerabilities

If you are using a bugtracker integration, you can:

  • Send vulnerability data to other members of your organization.

  • Plan and maintain timely patching to prevent attacks.

  • Streamline workflows by sending vulnerability information directly to your bugtracking tool.

  • Receive notifications of any new high or critical vulnerabilities in your application.

To track vulnerabilities:

  1. Be sure Contrast is integrated with at least one bugtracker.

  2. Select Vulnerabilities in the header, then hover over the row in the grid for the vulnerability you want to track.

  3. In the far right column, select the Send vulnerability icon. This option is also available from the vulnerability details page in the top right corner.

    SendVuln.png

    To track multiple vulnerabilities, use the check marks in the left column of the vulnerabilities grid to select the ones you want to track. In the batch action menu that appears at the bottom of the page, select the Send vulnerability icon. Choose Send to bugtracker (you can also choose to send by email).

  4. In the window that appears, select the bugtracker you want to use from the drop-down menu (if you are integrated with multiple), add any related information, and select Send.

  5. The vulnerability status is automatically updated to Reported, and an arrow icon appears beside the status in the grid row for the vulnerability. Hover over this icon for more information, including the bugtracker name(s) and corresponding ticket number(s).

    TrackedVulnArrow.png

    To quickly see which vulnerabilities are tracked, use the filter in the Status column, and select "Being tracked".

    FilterTrackedVulns.png

Tip

You can also export vulnerability data to a CSV or XML file for custom processing, or use the API to gather data outside the web interface.