Global Settings

In the global settings, changes can be made to various Kondukto configurations. The working principles of Kondukto are affected by these configurations and, therefore, should be adjusted with care.

🚧

Before any modifications are made to these settings, ensuring an understanding of their implications is required. Should any uncertainty arise, it is recommended that the support team be contacted.

If not handled correctly, the stability of your Kondukto product may be affected by these configurations.

Concurrency

From the Concurrency section number of concurrent imports & scans can be adjusted.

Manually Added Vulnerabilities

By default, vulnerabilities that have been manually added can only be closed through the Kondukto UI, necessitating user action. If the preference is to alter this behavior, ensuring that the closure of the connection issue on the issue manager also closes the vulnerability, this configuration can be enabled.

Vulnerabilities can be closed manually on Kondukto(default).

Once vulnerabilities are closed on the issue manager, they will be closed as well on Kondukto.

CVSS Mapping

From this section, the assignment of CVSS scores to each severity category can be defined. The default CVSS scores are as follows, as set by Kondukto.

Deduplication

The results that come from SAST, SCA, and CS scanner categories can be deduplicated by Kondukto.

The priority list of scanners to be used when deciding on the master vulnerability, should the same vulnerability be discovered by multiple scanners, must be defined.

Git Matcher

The developers who committed the vulnerabilities to the source code are identified by the Git Matcher. This functionality is only available for SAST and IaC scanners.

Two options for Committer are available:

Code Owner: Is the person who wrote the vulnerable line of code.

Last Push Owner: Is the person who pushed a commit to the file where the vulnerability is located.