In the actions section, the following automated actions can be created:

Severity Update

Based on the conditions set by the user, Kondukto can automatically update the severity of vulnerabilities. For vulnerabilities that match the condition, the severity can either be set to a specific severity category, or be upgraded (e.g. Low to Medium) or downgraded (e.g. Critical to High) by one category.

This action occurs immediately after saving. From then on, Kondukto will adjust the severity of vulnerabilities after every scan or import.

Note: When the downgrade or upgrade by one category option is used, Kondukto takes this action only once on the same vulnerability.

This action cannot be undone, meaning that even if the severity update is deleted, the vulnerabilities that were affected will remain changed.

Auto-flagging

The auto-flagging feature assigns flags to vulnerabilities automatically.

Once the action is saved, Kondukto assigns the relevant flag to the vulnerabilities that match the condition set by the user. Going forward, flags are automatically assigned after each scan or import whenever the results contain a vulnerability that needs to be flagged.

When an action is deleted, flags that have been previously assigned to vulnerabilities are not removed automatically.

Note: Automated actions taken on a vulnerability can be tracked under the change log in vulnerability details. These actions are also included in the audit log.