Assets
Last updated
Last updated
Check YouTube for more tutorials: https://youtube.com/@attackforge
Assets module can help you to centralize and maintain all of your assets in one place. Using this module, you can define a new asset, store its properties and metadata, and assign it to projects and groups.
You can utilize the UI import option or the Self-Service APIs to import assets into this module, for example via CMDB.
This module is optional and can be enabled & disabled via Administration module.
When the Assets module is enabled, the scope sections on projects will reflect the available assets in this module.
You can create custom asset fields from the Administration module.
You can take advantage of custom field access controls to have different asset forms and fields for different types of Roles, Groups or Users. This means customers, business units, teams or individuals can have tailored asset fields based on their needs.
You can create a new asset by clicking on New Asset button.
You can view the details for an asset by clicking on its name. Here you can update the asset or view its vulnerabilities.
!IMPORTANT: If you update the name of the asset, it will automatically update the name of the asset on all projects and vulnerabilities which are also linked to/referencing this asset.
You can import assets from the Assets module using the UI import option or the Service Service RESTful API.
You can use Asset Libraries to assign your assets into libraries. This makes it easier to manage and group your assets, and to also configure assets for different customers, business units, networks, platforms or teams.
Asset libraries can be configured from the Administration module.
Assets can belong to one or more libraries, allowing to share access or ownership of assets and to reducing asset duplication.
Asset libraries can have access controls to manage who can View or Edit the assets.
Asset library access controls can be applied to Roles, Groups or Users, and assigned with either View or Edit privileges.
Users with View access to an asset library will be able to see the asset and any vulnerabilities for which that user has access to via their projects.
Users with Edit access to an asset library will be able to make changes to an asset, including ability to archive the asset or link additional asset libraries.
Uncatalogued assets (assets which do not belong to any libraries) can be restricted by access controls from the Administration module
!IMPORTANT: Users without Edit access to at least one asset library or uncatalogued assets will not be able to import vulnerabilities on a project
Bulk actions can be used to bulk assign assets to libraries.
You can archive assets. If you accidentally archive an asset, you can always restore it from the Archived Assets section.
!IMPORTANT: If you archive an asset from the library - it will NOT delete the asset from a project, or any vulnerabilities linked to/referencing that asset.
When importing vulnerabilities on a project - the application will check to see if the affected asset for the vulnerability already exists in the library. If it does not exist - it will automatically create the new asset in the library for you.
