SUMMARY.md

Table of contents

• Home

🔦 Auditor

• 📥 Deployment
  • Installation
  • Update
• 🎯 Features
• ⚙️ Settings
  • AppSec Portal cooperation
  • Direct use of the Auditor
    • Cleaner
    • Docker Credentials
    • Workers
    • Personalization
  • Jobs
    • Technical Jobs
    • Scanner Jobs
    • Job configuration
• 🚀 Run Audit
  • AppSec Portal cooperation
  • Direct use of Auditor
• 🗒️ Release notes

🖥️ AppSec Portal

• 📥 Deployment
  • License obtaining
  • Installation
  • Get started with the AppSec Portal
    • Сonfiguration options
  • Update
  • Accessing the AppSec Portal API Endpoints
  • Database transfer guide
  • FAQ: typical errors in deployment process
• ⚙️ Post install Configuration
• 🎯 Features
  • Active tasks
  • Custom Reports
  • Deduplicator
    • Basic deduplicator rules
    • Advance Deduplicator rules
  • Recommendations
  • Security Metrics
    • Severity Statistics Dashboard
    • WRT (Weighted Risk Trend)
    • How to work with WRT (for team leads)
    • Metrics settings
      • SLA
    • CVSS
      • CVSS Rule
  • Asset management
    • How to import repositories from version control
    • Default product
• 🎣 Auto Validator
  • Rule creation
  • Rules view
• 🕷️ Findings view
  • All findings view
  • Grouped findings as a result of
  • Grouping of findings into groups
  • Available bulk actions
  • Viewing specific findings
  • Usable filters and easy sorting
• 🔬 Scanners
  • Importing reports from scanners to AppSec Portal
    • Manual Import using Report File
    • Importing reports via Terminal using a Report File
    • Importing reports via Lambda Function using a Report File
  • Scanner description
    • Code Scanners
      • Bandit
      • Brakeman
      • Checkov
      • CodeQL
      • ESLint
      • Gemnasium
      • Gosec
      • Hadolint
      • KICS
      • PHPCodeSniffer
      • Retire.js
      • Semgrep
      • SpotBugs
      • Terrascan
    • Secret Scanners
      • Gitleaks
      • Trufflehog3
    • Image and code dependency Scanners
      • Trivy
      • Trivy vulners.com plugin
    • Web Scanners
      • Arachni Scan
      • Acunetix
      • Burp Enterprise Scan
      • OWASP Zap
    • Infrastructure Scanners
      • AWS Security Hub Scan
        • Importing reports via AWS Lambda Function within AWS Security Hub
      • Prowler
      • Subfinder
      • Nessus
      • Nuclei
    • Mobile Security Scanners
      • MobSFScan
    • Other Scanners
      • Dependency-Track
      • Snyk
      • Whitespots Portal
• 🔦 Auditor
  • Assets screen
  • Asset Transfer Between Products
  • Audits
  • Auditor settings
    • Product Asset Setting
    • Auditor Configurator
    • Sequences
      • Sequences creating
      • Sequences setting
  • Run audit
    • Run Audit Manually
    • Scheduled Audit Run
• 📊 Jira
  • Jira integration configuration
  • Setting up Jira webhook
• 👾 DefectDojo
• 🛠️ General Portal settings
  • Version Control
  • Profile
  • Managing user roles and access control
    • User management
    • Creating and editing roles
  • Product settings
    • Product Creation
    • Import Repositories
    • Product options
    • Finding groups
    • Risk assessment
    • Product Asset
  • Scanner settings
    • Auto Closer
    • Group findings by
    • Custom Jira description
    • Custom severity mapping
    • Auditor Job Config
  • Notification settings
    • Integration
    • Criteria & Schedule
    • Status change notification
    • Manage notification schedule
  • SSO settings
    • GitLab SSO
    • Microsoft SSO
    • Okta SSO
  • Repository Link Configs
  • Tag screen
  • CWE list
• 🗒️ Release notes