Vulnerabilities related to infra are incorporated into projects through the use of Infra Group Names. Any Infra scans that are intended for use in Kondukto are integrated as an Infra Profile, a process which mirrors the 'Add Scanner' section of Projects. It should be noted that vulnerabilities are gathered from all included Infra Profiles and amassed into a collective pool.
After adding profiles, all vulnerabilities accumulated in the pool are separated by creating Infra Group Names. In this stage, it becomes feasible to sift through vulnerabilities using filters such as "Meta Data", "IP CIDR", and "Vulnerability Names". In the event where "Meta Data" isn't utilized for filtering, the corresponding IP or Name filter will be subjected to a comprehensive scan of all scanner results without any differentiation between scanners.
The created Infra Profile Names can be added from the settings of the projects. All the added vulnerabilities can be seen in the Infra tab of the Vulnerabilities page of the projects. An Infra profile can be added to more than one project. And the vulnerabilities of a scan can be separated into different projects with this structure.
Updated 4 months ago