Project Endpoints

Users can view a list of all endpoints in the project, along with the number of vulnerabilities identified by each scanner type in each endpoint.

Endpoints can be searched by name and sorted. Sorting by the number of vulnerabilities in each severity category and the total number of vulnerabilities is possible. The "/" at the table signifies the root folder and displays the total number of vulnerabilities regardless of the endpoints.

When a vulnerability is manually associated with an endpoint from the vulnerability details drawer, it can take up to 5 minutes until this table is refreshed, as Kondukto usually updates this table every 5 minutes. Suppose the user wants to see the change immediately. The Sync button in the upper right corner updates the table. Users can also export the table in .csv format by clicking the Export button.

SAST and SCA vulnerabilities are automatically associated with related endpoints by Kondukto if the "Source Dir" field in the Endpoints section under Project Settings is filled out by the user when adding endpoints to the project.

The users can also view SAST and DAST vulnerabilities pointing to the same endpoint by clicking on the button under the Action column.

In this view, vulnerabilities are categorized by CWE IDs so that it becomes easier to analyze whether both SAST and DAST tools are pointing to the same issue or not.

Users can click the Link button next to Vulnerability Name for more detailed information about the vulnerabilities.