As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
System Navigation
Application Menu
The Application menu contains the Dashboard, Portfolio, Scans, Analytics, Integrations, and Customize pages.
Dashboard
The Dashboard is a high-level view of applications, depending on the user’s role in the system. To an Administrator, the Dashboard will show trending vulnerabilities, applications with the most vulnerabilities, the most recent scans uploaded, and any recent comments made. This view is customizable, allowing placement of different types of ThreadFix vulnerability data here. This view is governed by ThreadFix’s role-based access control, so it will only contain data the authenticated user is authorized to view.
The Dashboard is divided into four UI elements:
Application data
Vulnerability trends
Recent uploads
Recent comments
Portfolio
The Portfolio page allows for the organization of teams in ThreadFix. An administrator assigns applications to teams. From the Portfolio page users can create new teams, add applications to them, view vulnerabilities that team's applications have, and see the progress made in addressing them. Through the drop-down menu users can select Team View or Applications View.
Team View
Team details can be expanded to view further information.
Application View
Risk Weights - Optional Portfolio View - Beta
If Risk Ratings have been enabled, the Portfolio page will contain an added drop-down view for Relative Risks.
Applications will be sorted according to their overall risk level.
Scans
From the Scans page the user can view a list, by date, of all the scans uploaded to ThreadFix with links to see the details of any individual scan. The user can identify scans by date, application, team, and scanner. Also listed are the number of vulnerabilities and their severity.
Analytics
Analytics is the reporting and metrics part of ThreadFix, featuring real-time charting and filtering, giving the user options to display data as needed. The Analytics page is divided into the following five tabs: Trending, Snapshot, Remediation, Vulnerability Search, and Hotspot.
Trending
The Trending tab offers a graphic Trending Report display for totals of vulnerabilities across teams, applications, and tags across a period of time.
Snapshot
The Snapshot tab offers users multiple selectable quick views of application and/or vulnerability data. The snapshots display reports for, among others, Vulnerability Progress By Type, Most Vulnerable Applications, and a Scan Comparison Summary.
Remediation
The Remediation tab provides vulnerability counts by severity level, along with the starting and ending counts for each.
Open / Closed Vulnerabilities
The Remediation tab also displays lists for Open and Closed vulnerabilities. Each list details the vulnerabilities’ name, severity level, associated application, and team name. Each vulnerability can be selected to view more details.
Vulnerability Search
The Vulnerability Search tab lists all vulnerabilities found and allows the user to view detailed information behind each. The vulnerability tree is categorized by the primary and secondary pivots, with the default pivots being Severity and Issue Type respectively.
Hotspot
The Hotspot tab displays summaries of shared static vulnerabilities analyzed across applications for any overlapping vulnerabilities which may indicate the likelihood of shared vulnerable source code.
Integrations Sub-Menu
The Integrations sub-menu contains the Remote Providers, Defect Trackers, GRC Tools, and Scan Agent Tasks pages.
Remote Providers
The Remote Providers page contains tabs for Remote Providers, Scheduled Imports, and Scheduled Sync Tasks.
Remote Providers Tab
The Remote Providers tab gives users the means to create new providers, create associated ThreadFix applications, sync Remote Provider applications, and import scans. Applications can also be mapped from this tab.
Scheduled Imports Tab
The Scheduled Imports Tab allows users to create new scheduled Remote Provider Imports.
Scheduled Sync Tasks
The Scheduled Sync Tasks tab allows users to create new scheduled Remote Provider syncs.
Defect Trackers
The Defect Trackers page consists of the Defect Trackers tab and the Scheduled Updates tab.
Defect Trackers Tab
The Defect Trackers tab lets users create and set credentials for new Defect Trackers.
Scheduled Updates Tab
The Scheduled Updates tab is where users can schedule the frequency and time for Defect Trackers to update.
GRC Tools
The GRC Tools page consists of the GRC Tools tab and the Scheduled Updates tab.
GRC Tools Tab
The GRC Tools tab lets users create and set credentials for new GRC Tools.
Scheduled Updates Tab
The Scheduled Updates tab is where users can schedule the frequency and time for GRC Tools to update.
Scan Agent Tasks
Scan Agents are agents that reside on the same server as a scanner and wait for commands (Scan Agent Tasks) from ThreadFix. On receiving a task, the agent scans the target, a preconfigured application, and sends the scan results back to ThreadFix for import.
Application Menu Customize Sub-Menu
The Customize sub-menu provides users multiple options to tailor ThreadFix to the desired environment.
ThreadFix Vulnerability Types
The Severity Mappings tab gives users the means to map a vulnerability type to a severity level.
The Custom Text tab lets users create customized text that will display alongside a designated CWE.
Scanner Vulnerability Types
The Scanner Vulnerability Types page contains the Severity Mappings tab, CWE Mappings tab, and the Deny List/Allow List tab.
Severity Mappings
The Severity Mappings tab allows a scanner vulnerability type, identified by its source scanner, to be mapped to a generic severity level.
CWE Mappings
The CWE Mappings tab allows users to export mappings as well create mappings for unmapped vulnerability types.
Deny List / Allow List
The Deny List/Allow List tab gives users a quick way to select which scanner vulnerability types are added or removed from Deny or Allow lists. Note: Scan findings that match a Deny mode criteria are not imported into ThreadFix.
ThreadFix Severities
By utilizing the Custom Name tab along with the Show and Hide tab, ThreadFix allows users to customize severity levels and customize which severity levels are visible.
Custom Name
Through the Custom Name tab, ThreadFix allows users to edit the default name for the various severity levels.
Show and Hide
Users can select which severity levels are displayed through the Show and Hide tab.
Scanner Severities
The Customize Scanner Severities page contains the ThreadFix Severity Mappings tab and the Suppress Scanner Results tab.
ThreadFix Severity Mappings
The ThreadFix Severity Mappings tab lets users map customized Scanner Severities to Generic Severity levels and allows the option to exclude any desired level.
Suppress Scanner Results
The Suppress Scanner Results tab allows users to create new scan result filters based on scanner type and severity.
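The Customize pages above each change one step of a scan import: the Deny List drops findings outright, the Scanner Severities mappings translate or exclude a scanner's own severity strings, Suppress Scanner Results filters by scanner and severity, the CWE Mappings attach a CWE to a scanner vulnerability type, and the ThreadFix Vulnerability Types severity mapping forces a severity per CWE. The following is an added example, not ThreadFix code, that models how those settings combine. The rule order, the scanner name, the vulnerability types and all thresholds are assumptions made for illustration; the sample findings are constructed, not real scanner output.

```python
"""Added example: a model of how the Customize settings shape a scan import.
Not ThreadFix code. The rule order (deny list -> scanner severity mapping ->
suppression -> CWE mapping -> per-type severity override) and all names are
assumptions made for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    scanner: str            # scanner that produced the finding (constructed name)
    vuln_type: str          # scanner's own vulnerability type name
    scanner_severity: str   # severity string exactly as the scanner reports it


# Scanner Severities -> ThreadFix Severity Mappings (value None = level excluded)
SCANNER_SEVERITY_MAP = {
    "ExampleScanner": {"high": "High", "medium": "Medium", "low": "Low", "informational": None},
}
# Suppress Scanner Results: (scanner, generic severity) pairs filtered out
SUPPRESSED = {("ExampleScanner", "Low")}
# Deny List: scanner vulnerability types never imported
DENY_LIST = {("ExampleScanner", "Server Banner Disclosure")}
# Scanner Vulnerability Types -> CWE Mappings
CWE_MAP = {("ExampleScanner", "Reflected XSS"): 79, ("ExampleScanner", "SQL Injection"): 89}
# ThreadFix Vulnerability Types -> Severity Mappings: a severity forced per CWE
TYPE_SEVERITY_MAP = {89: "Critical"}


def import_scan(findings):
    """Apply the customizations to a list of Findings.

    Returns (imported, dropped): imported is a list of dicts with the generic
    severity and CWE each finding ends up with; dropped maps a vulnerability
    type to the reason it was not imported.
    """
    imported, dropped = [], {}
    for f in findings:
        key = (f.scanner, f.vuln_type)
        if key in DENY_LIST:
            dropped[f.vuln_type] = "deny list"
            continue
        severity = SCANNER_SEVERITY_MAP.get(f.scanner, {}).get(f.scanner_severity.lower())
        if severity is None:
            dropped[f.vuln_type] = "scanner severity excluded or unmapped"
            continue
        if (f.scanner, severity) in SUPPRESSED:
            dropped[f.vuln_type] = "suppressed by scanner result filter"
            continue
        cwe = CWE_MAP.get(key)                      # None = still an unmapped vulnerability type
        severity = TYPE_SEVERITY_MAP.get(cwe, severity)  # per-CWE override wins when present
        imported.append({"vuln_type": f.vuln_type, "severity": severity, "cwe": cwe})
    return imported, dropped


SAMPLE_SCAN = [  # constructed findings, not real scanner output
    Finding("ExampleScanner", "Reflected XSS", "High"),
    Finding("ExampleScanner", "SQL Injection", "Medium"),
    Finding("ExampleScanner", "Server Banner Disclosure", "Low"),
    Finding("ExampleScanner", "Weak TLS Cipher", "Low"),
    Finding("ExampleScanner", "Debug Page Enabled", "Informational"),
    Finding("ExampleScanner", "Open Redirect", "High"),
]

if __name__ == "__main__":
    kept, gone = import_scan(SAMPLE_SCAN)
    for row in kept:
        print("imported:", row)
    for name, why in gone.items():
        print("dropped :", name, "->", why)
```

The point worth checking in a real deployment is the last step: a per-CWE severity mapping overrides whatever the scanner said, so a finding the scanner rated Medium can land as Critical once its type is mapped to a CWE, while an unmapped type keeps the scanner-derived severity and no CWE.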
Metadata Keys
The Metadata Keys page gives users the options to create Scan Metadata Keys and/or Application Metadata Keys.
Tags
The Tags page allows users to create tags that can be associated with Applications, Vulnerabilities, or Vulnerability Comments.
Policies
The Policies page holds the Filter Policies tab, Pass Criteria tab, Defect Reporters tab, and Time to Remediate Policies tab.
Filter Policies
The Filter Policies tab lets users create a policy with an associated filter as well as enable/disable email notifications per policy.
Pass Criteria
The Pass Criteria tab provides the means to create Pass Criteria Groups with associated severities and map applications to them.
Defect Reporters
The Defect Reporters tab lets users set up a new Defect Reporter with an associated severity and grouping option.
Time to Remediate Policies
The Time to Remediate Policies tab allows users to create and modify Time to Remediate Policies along with adding associated Applications, Teams, and Tags. Email notifications can also be enabled/disabled.
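Pass Criteria and Time to Remediate Policies are the two places where ThreadFix turns vulnerability data into a verdict: a Pass Criteria Group caps how many open vulnerabilities of each severity an application may carry, and a Time to Remediate Policy sets how long each severity may stay open. The following is an added example, not ThreadFix code, that models evaluating one application against both. The thresholds, application names, the application-to-group mapping and the rule that a TTR breach is reported but does not by itself fail the pass criteria are assumptions; the vulnerabilities are constructed data.

```python
"""Added example: a model of Pass Criteria and Time to Remediate Policies
evaluated over open vulnerabilities. Not ThreadFix code; thresholds, names
and decision rules are assumptions made for illustration."""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class OpenVuln:
    app: str
    severity: str
    opened: date      # date the vulnerability was first reported


# Pass Criteria Group: maximum open vulnerabilities allowed per severity.
# Severities absent from the group place no limit.
PASS_CRITERIA = {"Critical": 0, "High": 0, "Medium": 5}

# Time to Remediate Policy: days allowed to close a vulnerability, by severity.
TTR_DAYS = {"Critical": 7, "High": 30, "Medium": 90, "Low": 180}

# Application -> Pass Criteria Group (the tab maps applications to groups)
APP_CRITERIA = {"payments-api": PASS_CRITERIA, "intranet-wiki": {"Critical": 0}}


def evaluate(vulns, app, today):
    """Evaluate one application against its Pass Criteria and the TTR policy.

    Returns a dict with the per-severity open counts, the severities that
    break the pass criteria (with the excess count), the overdue
    vulnerabilities as (severity, days past deadline), and a pass flag.
    """
    criteria = APP_CRITERIA.get(app, {})
    counts, overdue = {}, []
    for v in vulns:
        if v.app != app:
            continue
        counts[v.severity] = counts.get(v.severity, 0) + 1
        allowed = TTR_DAYS.get(v.severity)
        age = (today - v.opened).days
        if allowed is not None and age > allowed:
            overdue.append((v.severity, age - allowed))
    violations = {sev: counts.get(sev, 0) - limit
                  for sev, limit in criteria.items() if counts.get(sev, 0) > limit}
    return {
        "counts": counts,
        "violations": violations,
        "overdue": sorted(overdue, key=lambda o: -o[1]),   # most overdue first
        "passes": not violations,   # assumption: TTR breaches alone do not fail the criteria
    }


SAMPLE_VULNS = [  # constructed data, not from a real scan
    OpenVuln("payments-api", "High", date(2023, 12, 1)),
    OpenVuln("payments-api", "Medium", date(2024, 1, 10)),
    OpenVuln("payments-api", "Low", date(2023, 6, 1)),
    OpenVuln("intranet-wiki", "Medium", date(2024, 1, 1)),
]

if __name__ == "__main__":
    for app in ("payments-api", "intranet-wiki"):
        print(app, evaluate(SAMPLE_VULNS, app, date(2024, 1, 15)))
```

Note that the two policies disagree about the Low finding in the sample: it does not count against the pass criteria at all, yet it is the most overdue item, which is why a practitioner reads both outputs rather than the pass flag alone.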
Filters
The Filters page allows users to create and modify filters based on multiple categories and criteria.
Global
The Global menu has an Administration sub-menu which contains the System Settings, Identity Management, API Keys, Email Reports, Email Lists, and Queue Management pages.
Administration Sub-menu
System Settings
The System Settings page provides user customization settings for Login, Reports, Scanners, Exports, Scan Files, and Other available options through their respective tabs.
Login Settings
The Login Settings tab allows users to customize login defaults as well as adjust SAML settings.
Report Settings
The Report Settings tab lets users customize the information displayed, including the option to select which kinds of reports appear by default on the Dashboard page’s widgets. The report widgets for the Application Detail and Team Detail pages also provide selective options.
Scanner Settings
Vulnerability information from scanners can be prioritized as desired in the Scanner Settings tab. New scanners can also be created from this tab.
Export Settings
By selecting specific values in the Export Settings tab, users can customize what information is displayed in exported reports.
Other Settings
The Other Settings tab hosts a collection of settings for users to adjust Proxy, Email, and Vulnerability Close Settings. It also includes other options that can be toggled on/off such as the ability to Enable Risk Ratings or Remote Provider Bidirectional Communication.
Scan File Settings
Users can set the location on a file system for Scan Files to be uploaded to and create Retention Policies from the Scan File Settings tab.
Identity Management
The Identity Management page provides users the ability to manage Users, Roles, Groups, and Pen Test Teams, and to generate User Audits.
Manage Users
Through the Manage Users tab, User profiles can be created and added to Roles, Groups, and Pen Test Teams.
Manage Roles
The Manage Roles tab allows users to create Roles, adjust their permission levels, and add Users and Groups to them.
Manage Groups
Through the Manage Groups tab, Users, Pen Test Teams, and Team and Application Roles can be added to Groups.
Manage Pen Test Teams
Users can add Users and Groups to Pen Test Teams through the Manage Pen Test Teams tab.
User Audit
The User Audit tab gives users the ability to export reports detailing user access details and associated Groups and Roles.
API Keys
The API Keys page allows the user to create, edit, or delete API Keys.
Email Reports
The Email Reports page allows the user to create and edit email reports, add recipients, and manage report scheduling.
Email Lists
The Email Lists page allows the user to create and populate an email distribution list.
Queue Management
The Queue Management page allows the user to view various available Scan Queue Management values, statuses, source types, and cancellation options. These are displayed similarly across the Vulnerability Queue, Scheduled Task Queue, and Defect Queue tabs.
Table of Contents
- 1 Application Menu
- 1.1 Dashboard
- 1.2 Portfolio
- 1.2.1 Team View
- 1.2.2 Application View
- 1.2.3 Risk Weights - Optional Portfolio View - Beta
- 1.3 Scans
- 1.4 Analytics
- 1.4.1 Trending
- 1.4.2 Snapshot
- 1.4.3 Remediation
- 1.4.3.1 Open / Closed Vulnerabilities
- 1.4.4 Vulnerability Search
- 1.4.5 Hotspot
- 1.5 Integrations Sub-Menu
- 1.5.1 Remote Providers
- 1.5.1.1 Remote Providers Tab
- 1.5.1.2 Scheduled Imports Tab
- 1.5.1.3 Scheduled Sync Tasks
- 1.5.2 Defect Trackers
- 1.5.2.1 Defect Trackers Tab
- 1.5.2.2 Scheduled Updates Tab
- 1.5.3 GRC Tools
- 1.5.3.1 GRC Tools Tab
- 1.5.3.2 Scheduled Updates Tab
- 1.5.4 Scan Agent Tasks
- 1.6 Application Menu Customize Sub-Menu
- 1.6.1 ThreadFix Vulnerability Types
- 1.6.2 Scanner Vulnerability Types
- 1.6.2.1 Severity Mappings
- 1.6.2.2 CWE Mappings
- 1.6.2.3 Deny List / Allow List
- 1.6.3 ThreadFix Severities
- 1.6.3.1 Custom Name
- 1.6.3.2 Show and Hide
- 1.6.4 Scanner Severities
- 1.6.4.1 ThreadFix Severity Mappings
- 1.6.4.2 Suppress Scanner Results
- 1.6.5 Metadata Keys
- 1.6.6 Tags
- 1.6.7 Policies
- 1.6.7.1 Filter Policies
- 1.6.7.2 Pass Criteria
- 1.6.7.3 Defect Reporters
- 1.6.7.4 Time to Remediate Policies
- 1.6.7.5 Filters
- 2 Global
- 2.1 Administration Sub-menu
- 2.1.1 System Settings
- 2.1.1.1 Login Settings
- 2.1.1.2 Report Settings
- 2.1.1.3 Scanner Settings
- 2.1.1.4 Export Settings
- 2.1.1.5 Other Settings
- 2.1.1.6 Scan File Settings
- 2.1.2 Identity Management
- 2.1.2.1 Manage Users
- 2.1.2.2 Manage Roles
- 2.1.2.3 Manage Groups
- 2.1.2.4 Manage Pen Test Teams
- 2.1.2.5 User Audit
- 2.1.3 API Keys
- 2.1.4 Email Reports
- 2.1.5 Email Lists
- 2.1.6 Queue Management
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.