Assets module can help you to centralize and maintain all of your assets in one place. Using this module, you can define a new asset, store its metadata, and assign it to projects and groups.
You can also utilize the Self-Service API to import assets into this module, for example via CMDB.
!IMPORTANT: For permissions on who can do what in this module - please see Access Control Matrix. This module is OPTIONAL and DISABLED BY DEFAULT. It can be enabled & disabled via Configuration.
!IMPORTANT: This module is not available to AttackForge Core tenants.
When the Assets module is enabled, the scope sections on projects will reflect the available assets in this module.
For example during project creation:
For example during project approval:
For example when adding new assets on an existing project:
You can create a new asset by clicking on Create New Asset button in top-right of page. Here you can define the details for the new asset.
You can view the details for an asset by clicking on its name from the main module page.
You can use the actions menu for each asset to select Edit Asset. From there, you can make the necessary updates and save the information.
!IMPORTANT: If you update the name of the asset, it will automatically update the name of the asset on all projects and vulnerabilities which are also linked to/referencing this asset.
You can use the actions menu for each asset to select Delete Asset.
If you accidentally delete an asset, you can always restore it from the Deleted Assets tab.
!IMPORTANT: If you delete an asset from the library - it will NOT delete the asset from a project, or any vulnerabilities linked to/referencing that asset.
Importing Vulnerabilities on a Project
When importing vulnerabilities on a project - the application will check to see if the affected asset for the vulnerability already exists in the library. If it does not exist - it will automatically create the new asset in the library for you.