After a scan is completed, you can view both an Executive Summary and a Technical Report of the scan's findings.
These display information about the number, severity and types of vulnerabilities detected, the impact they could have, and where they exist on the site.
For further information, see Vulnerability Severity Levels.
How to Review Scan Results and Imported Vulnerabilities
If the vulnerability has already been automatically created in your issue tracking system (because it meets the criteria configured in Configuring Endpoint Integration), the issue number will be displayed as illustrated.
Once you have configured the integration, a new Send To button is added to every reported vulnerability listed in the scan results. This enables you to send the vulnerability to any of the integrated projects.
You can view the details saved in your issue tracking system by clicking on the issue number.
Sending Vulnerabilities Manually to an Issue Tracking System
Not every vulnerability is created in your issue tracking system, because not every vulnerability will meet the configured criteria. You can send multiple vulnerabilities manually to your issue tracking system.
How to Send Vulnerabilities Manually to an Issue Tracking System
- From the Scans menu, click Recent Scans.
- Next to the relevant scan, click Report.
- In the Technical Report section, click Send To, and from the dropdown, select the relevant project.
- Once the issue is imported into your issue tracking system, you will be notified by Netsparker Enterprise. This notification will include the issue number, as illustrated.
How to Send Multiple Vulnerabilities Manually to an Issue Tracking System
If you send an Issue that has already been sent by someone else, or created automatically in JIRA, Netsparker Enterprise will not create a duplicate entry.
- From the main menu, click Issues, then To Do.
- Check the checkbox for each issue you want to send.
- Click Send To and from the dropdown, select the relevant project.
- The issues are imported into your issue tracking system.
For more information on managing issues in Netsparker Enterprise refer to Using the Netsparker Enterprise Web Vulnerability Tracking System.
Tracking and Logs of Issues Sent to Issue Tracking System
When a vulnerability is sent to your issue tracking system, Netsparker Enterprise creates a record in the Issue’s history, as illustrated.
In our example, there are two records related to the integration:
- One of them was sent manually by a user (username: 'Jira User')
- The other log entry was generated when the issue was automatically sent via the configured Notification we created before (username: 'System')