Nucleus provides several finding template types to simplify the creation of finding instances. By defining the type of finding in the template, Nucleus knows which fields to let the user populate when creating a finding. For example, you would not want a port number to show in the UI if the vulnerability is code related.
This allows for simpler finding creation and a better overall workflow when setting the stage for managing penetration tests within Nucleus.
Note: you will always be able to upload evidence at finding creation, as well as severity, impact, and likelihood.
The template types are as follows:
Code template types are meant to display vulnerabilities in code. The fields specific to this template are:
- Filename: This is the file where the affected code snippet is located
- Line Number: The line number of the affected piece of code. This can be a range.
- Code Snippet: The specific function, line, or snippet of code that causes the vulnerability.
- Additional Information: Any other information which may be relevant to the finding.
Web Application template types are meant for DAST-style assessments, where the AppSec assessment was conducted by analyzing web traffic. The fields specific to this template are:
- HTTP Request: The HTTP request that triggers the vulnerability
- HTTP Response: The HTTP response to the above request, which shows the vulnerability
Note: If you are using a tool like Burp Suite, we recommend uploading a Burp XML report to Nucleus rather than entering this manually. These fields are meant for manual testing and penetration tests.
Device template types are meant for host-based issues, for assets such as IP addresses, running containers, and container images.
The fields specific to this template are:
- Port: The port field allows you to select the port on which this vulnerability is present
- Output: The output field holds whatever supporting output you need for the vulnerability. This could be anything from SSL certificates and certificate dates to headers, etc.
General template types are meant for any generic finding types that are not covered by the other templates. This is generally reserved for things like "Weak password policy" or other general findings that are not necessarily vulnerabilities on a specific asset but should still be noted in the vulnerability management program.
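To make the "template type decides which fields are shown" rule concrete, here is an added example of a small validator that enforces it for the four template types described above. This is illustrative code written for this page, not Nucleus's own code or API: the snake_case field names, the treatment of a field outside the template as an error, the line-range syntax (`12` or `12-20`), and the port bounds check are all assumptions.

```python
"""Added example (not Nucleus code): per-template field validation for findings.

Assumptions: field names are snake_case versions of the labels on the page,
a finding may carry only its template's fields plus the common ones, a line
number is written as "N" or "N-M", and a port is an integer in 1..65535.
"""
import re
from typing import Dict, List, Set, Tuple

# Fields every template type accepts (evidence, severity, impact, likelihood)
COMMON_FIELDS: Set[str] = {"title", "severity", "impact", "likelihood", "evidence"}

# Template-specific fields, as listed on the page
TEMPLATE_FIELDS: Dict[str, Set[str]] = {
    "code": {"filename", "line_number", "code_snippet", "additional_information"},
    "web_application": {"http_request", "http_response"},
    "device": {"port", "output"},
    "general": set(),  # general findings use only the common fields
}

# "45" or "12-20" (assumed syntax for a single line or a range)
_LINE_RANGE = re.compile(r"^\s*(\d+)\s*(?:-\s*(\d+))?\s*$")


def allowed_fields(template_type: str) -> Set[str]:
    """Return the set of fields the UI would show for this template type."""
    if template_type not in TEMPLATE_FIELDS:
        raise ValueError(f"unknown template type: {template_type!r}")
    return COMMON_FIELDS | TEMPLATE_FIELDS[template_type]


def parse_line_range(value: object) -> Tuple[int, int]:
    """Parse a line number or inclusive range into (start, end)."""
    m = _LINE_RANGE.match(str(value))
    if not m:
        raise ValueError(f"bad line number or range: {value!r}")
    start = int(m.group(1))
    end = int(m.group(2)) if m.group(2) else start
    if start < 1 or end < start:
        raise ValueError(f"bad line number or range: {value!r}")
    return start, end


def validate_finding(template_type: str, finding: Dict[str, object]) -> List[str]:
    """Return a list of problems with the finding; an empty list means valid."""
    try:
        allowed = allowed_fields(template_type)
    except ValueError as exc:
        return [str(exc)]
    errors: List[str] = []
    # A port on a code finding, or a filename on a device finding, is rejected
    for name in sorted(finding):
        if name not in allowed:
            errors.append(f"field {name!r} is not shown for the {template_type} template")
    if "title" not in finding:
        errors.append("title is required")
    if template_type == "code" and "line_number" in finding:
        try:
            parse_line_range(finding["line_number"])
        except ValueError as exc:
            errors.append(str(exc))
    if template_type == "device" and "port" in finding:
        port = finding["port"]
        if not isinstance(port, int) or not 1 <= port <= 65535:
            errors.append(f"port must be an integer between 1 and 65535, got {port!r}")
    return errors


if __name__ == "__main__":
    # Constructed sample findings, one per template type, plus one mismatch
    samples = [
        ("code", {"title": "Unsafe eval", "severity": "High", "filename": "app.py",
                  "line_number": "12-20", "code_snippet": "eval(user_input)"}),
        ("web_application", {"title": "Reflected input", "http_request": "GET /?q=x HTTP/1.1",
                             "http_response": "HTTP/1.1 200 OK"}),
        ("device", {"title": "Expired certificate", "port": 443, "output": "notAfter=..."}),
        ("general", {"title": "Weak password policy"}),
        ("code", {"title": "Mismatch", "port": 443}),
    ]
    for template, finding in samples:
        print(template, validate_finding(template, finding) or "ok")
```

The mismatch case (a `port` on a `code` finding) is exactly the situation the text describes: the field is not part of that template, so the validator reports it rather than silently accepting it.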
For more information on how to create templates and findings in Nucleus, refer to the Custom Findings Overview support page.
If you have any questions about these template types and how they function in the larger vulnerability management program, please reach out to us at [email protected] or by contacting your Nucleus support representative.