📙 You will learn

How to map, configure, and customize scanner vulnerabilities.

Prerequisites

Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A

Users can configure severities for any scanner vulnerability type. For instance, users can create a mapping such as "All Fortify XSS vulnerabilities are Critical, but AppScan XSS is only Medium." As of version 2.7.4, you can deny list or allow list scanner vulnerabilities, allowing you to filter the types of vulnerabilities that you want ThreadFix to ingest.

Severity Mappings

Severity Mappings for different scanner vulnerability types allow the ThreadFix administrator to customize their installation by remapping the severity of scanner vulnerabilities.

  1. Click on the Application menu from the Navigation sidebar and click on the Customize submenu. Click on Scanner Vulnerability Types and, from the Severity Mappings tab, click on the Create New Mapping button.

  2. This will bring up a dialog to map a scanner vulnerability to a severity type.

    *Note: prior ThreadFix versions may display Deny/Allow List as Blacklists/Whitelists.

  3. Begin typing in the Source Scanner Type field. A drop-down menu will populate with supported scanners matching the letters typed. Select a scanner from the list. The example below shows OWASP ZAP (Zed Attack Proxy) as the chosen scanner.

  4. Type in the scanner vulnerability to remap. For this example the source scanner vulnerability is Weak Authentication Method.

  5. Select the Target Generic Severity Type from the drop-down list. The example below shows Weak Authentication Method with a severity of High.

  6. Click the Create Mapping button.

  7. A success message will display along with the new mapping.

Note

If you select the Ignore severity for a particular Scanner/CWE combination, all corresponding vulnerabilities will be hidden, i.e., they will not appear in any vulnerability tree nor count toward vulnerability counts.

CWE Mappings

CWE Mappings allow users with the Manage Vulnerability Types permission to manually map scanner vulnerability types.

  1. Select the CWE Mappings tab to display Unmapped Scanner Vulnerability Types. The following example displays a scan with unmapped vulnerability types following a scan upload to an application.

  2. To manage unmapped vulnerabilities, first select a desired scanner to map and click the Create Mapping link. This will pop up a Create Mapping modal. Note that the scanner can also be expanded to view details for the scanner; clicking the View Finding link will redirect to its Finding Details page, which contains an Edit CWE Mapping button allowing for the same mapping function.

  3. From the Create Mapping modal, begin entering a CWE into the entry field and select the desired CWE. Click the Create Mapping button.

  4. The scanner vulnerability type will now be added to the list of Custom Scanner Vulnerability Type Mappings. The Edit Mapping link brings up the Create Mapping modal to allow it to be remapped.

  5. Clicking the View History link will display a Mapping History modal.

From the top of the CWE Mappings tab, mapped and unmapped type reports can be exported by email using their respective buttons.

Deny List/Allow List

On a per-scanner basis, users can exclude specific scanner vulnerabilities (deny list) or limit which scanner vulnerabilities are allowed (allow list) when ingesting scans.

  1. Select the Deny List/Allow List tab and select a scanner to add to or remove from a deny list or allow list. Deny List Mode is the default.

  2. Note the example scanner chosen below and the radio buttons for Deny List Mode and Allow List Mode. For this example, click the Add to Deny List button.

  3. Begin typing a scanner vulnerability, select the desired one, and click the Add Scanner Type button.

  4. The vulnerability will be added to the scanner. Edit or delete the filter afterward, if desired, using the Edit/Delete button.
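As an added illustration of the ingestion behaviour described in the Severity Mappings and Deny List/Allow List sections (not ThreadFix's own code), the following Python model applies a scanner's deny or allow list and then the severity remapping, including the Ignore severity that hides findings from trees and counts. All scanner names, vulnerability type names and severities are constructed sample values.

```python
from collections import Counter

IGNORE = "Ignore"

# Severity mappings keyed by (scanner, scanner vulnerability type), following the
# page's "Fortify XSS is Critical, AppScan XSS is Medium" example. Constructed values.
SEVERITY_MAPPINGS = {
    ("Fortify", "Cross-Site Scripting"): "Critical",
    ("AppScan", "Cross-Site Scripting"): "Medium",
    ("OWASP ZAP", "Weak Authentication Method"): "High",
    ("OWASP ZAP", "Cookie Without Secure Flag"): IGNORE,
}

# Per-scanner filter: ("deny", types) excludes the listed types, ("allow", types)
# admits only the listed types. Deny List Mode is the default, so a scanner with
# no entry (and therefore an empty deny list) ingests everything.
SCANNER_FILTERS = {
    "OWASP ZAP": ("deny", {"X-Content-Type-Options Header Missing"}),
    "AppScan": ("allow", {"Cross-Site Scripting", "SQL Injection"}),
}


def admitted(scanner, vuln_type):
    """Return True if the scanner's deny/allow list lets this type be ingested."""
    mode, types = SCANNER_FILTERS.get(scanner, ("deny", set()))
    if mode == "deny":
        return vuln_type not in types
    return vuln_type in types  # allow mode: unlisted types are dropped


def ingest(scanner, findings):
    """Filter findings by the scanner's list, then remap their severity.

    Each finding is (scanner vulnerability type, scanner-reported severity).
    Returns (visible findings, number hidden by an Ignore mapping); unmapped
    types keep the severity the scanner reported.
    """
    visible, ignored = [], 0
    for vuln_type, scanner_severity in findings:
        if not admitted(scanner, vuln_type):
            continue
        severity = SEVERITY_MAPPINGS.get((scanner, vuln_type), scanner_severity)
        if severity == IGNORE:
            ignored += 1  # hidden from vulnerability trees and counts
            continue
        visible.append((vuln_type, severity))
    return visible, ignored


def severity_counts(visible):
    """Vulnerability counts per severity, computed only over visible findings."""
    return Counter(sev for _, sev in visible)
```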
