In Netsparker, you can view, fix and assign Issues. You can also export them to an external file, or send them to another system (to JIRA, for example).
The Issue Lifecycle
This is how it works in Netsparker Enterprise.
- Users create and run scans and wait for the results.
- All detected vulnerabilities in scans are listed in All Issues.
- You can assign an Issue to another team member from the All Issues, or any other, list by updating the Assignee dropdown. The assignee is advised via email that a new task has been assigned to them and the task status is set to Present.
- Once a user fixes the task and changes its status to Fixed (Unconfirmed), it is moved into the Retest list and Netsparker Enterprise automatically rescans the target web application to confirm the fix. If the vulnerability is fixed it will be closed, and marked as Fixed (Confirmed). Otherwise, Netsparker Enterprise will automatically reassign the task back to the original user, and the status will display as Present.
- Users assigned the Manage Issue (Restricted) permission, can view all scan reports and mark the state of an issue to Fixed (Unconfirmed), but they are not able to change the state of an issue to Accepted Risk or False Positive.
This is how it works in Netsparker Standard.
- Users create and run scans, and wait for the results.
- All detected vulnerabilities in scans are listed in the Issues panel.
- From the Issues panel, you can Ignore or Retest it.
- Alternatively, you can configure Sent To Actions to send the issue to an assignee by an issue tracking system.