Overview of the Architecture

Hierarchy of Objects

Business Units: Business Units are the top class in the hierarchy and are used for grouping Products.

Products: Products are a higher class than projects and function as a cluster to group projects based on preference.

Projects: Projects represent the scannable units on Kondukto and are the main objects presented in the dashboard. Each project has its own settings, which comprise team, scanners, software development platform, issue manager, notification tool, and security criteria.

Scans: Scans are the results of each scan run on each project. Scan date, scanner name, status, and findings are associated with scans.

Vulnerabilities: Vulnerabilities are the findings discovered from each scan. CWE ID, CWE Name, Status, First Seen Date, Last Seen Date, Issue Status, Name, Severity, and Security Standard Category are associated with vulnerabilities.

Hierarchy of Users

Admin: Admin is the highest user level with the broadest permission set possible.

Manager: Can see the Business Units assigned to their accounts. This role is read-only.

Team Lead: Can see and take specific actions on the projects to which their teams are assigned.

Developer: Can only see the scan results of the projects to which their teams are assigned.

Pentester: Can only import vulnerabilities into the projects assigned through a team.