How to use Vulnerability Manager
Written by Diego Levinsky
Updated over 8 months ago

Managing your vulnerabilities is easy with Strike. You can centralize findings from your different Pentests and Automated Scans within Strike's Vulnerability Manager and take action to address each of them.

When the Vulnerability Manager opens, all your vulnerabilities are shown as a list. For each one, you can see its severity, targets, sources, dates, and tags. Having every finding in one place helps you make informed decisions. Here is everything you can do to manage them:

Actions:

Search by title or ID

Looking for any vulnerability is easy using Search. Type the title of the vulnerability and it will show up on your screen. If you know its ID, you can type it as well.

When the finding appears, click on it to discover its details.

Get Vulnerability Details

The Vulnerability Manager is the best place to centralize all your findings and have a complete overview of all of them. However, you may want to dive deep into a specific vulnerability. That's as easy as clicking its title!

Clicking any title opens a new screen with all the details of that specific vulnerability. Get critical information, such as:

  • Description
  • Type
  • CWE
  • Attack Vector
  • Impact
  • Suggested Fix
  • Comments

If the vulnerability was found by a Striker, all this information will be filled in manually by that Striker. Chat with the Striker freely to clarify any details that seem confusing or incomplete, but keep in mind that these details are written following strict guidelines provided by our Strikers Engineering Team.

If the vulnerability was found by an Automated Scan, all the details will be filled in automatically.

Filter and Sort

Filtering

If you are managing a large volume of vulnerabilities, filtering and sorting may be the best way to narrow the list down to the findings most relevant to you.

To filter vulnerabilities, just click on Add Filter. You can add as many filters on top of each other as needed. You can filter vulnerabilities by Source, Severity, Status, and Tags.

To clear all the filters, just click on Reset Filters.

Sorting

To sort your findings, click on any of the options available in the menu at the top right. There are two main variables to sort by: time and severity. Select any of the pre-defined sort orders to make the most out of the Vulnerability Manager.

Switch to Kanban

The Kanban view is the most useful view for managing the Status of your findings. It groups the findings by status and lets you move them freely between statuses. The Kanban view is especially useful for analyzing and taking action on a large number of vulnerabilities at a time.

Remember that you can still use filtering and sorting while in the Kanban view.

Change Status

If the drag-and-drop style of the Kanban view does not suit you, you can still change the Status of any vulnerability using the Status dropdown menu. A wide range of statuses is available, so you can use the ones that best suit your workflow.

Note: If you are using the Compliance Report auto-generated by the Automated Scanner, vulnerabilities that are marked as "False Positives" or "Solved" will not be shown in the downloaded PDF.

Export Vulnerabilities

If you want to export a single vulnerability as a PDF, you can do it by clicking on the Export button on the details of any vulnerability.

On the other hand, if you want to export all vulnerabilities as a CSV or a JSON file, just click on the export icon in the top right corner.
