LogoLogo
  • AttackForge Support
  • Release Notes
    • 2025
    • 2024
    • 2023
    • 2022
    • 2021
    • 2020
    • 2019
  • Core & Enterprise
    • Getting Started
      • How It Works
      • Requesting A Project
      • Creating & Updating Projects
      • Invite User To Project
      • View Project Team
      • Project Scope
      • Project Workspace
      • Project Notes
      • Project Pages
      • Test Cases
      • Creating Vulnerabilities
      • Updating Vulnerabilities
      • Review & QA
      • Attack Chains
      • Reporting
      • Retesting & Remediation
      • Notifications
      • Custom Fields & Forms
      • Vulnerability SLAs
      • User Settings
      • Login Redirects
    • Modules
      • Dashboard
      • Analytics
      • Vulnerabilities
      • Projects
      • Scheduling
      • Portfolios
      • Groups
      • Attack Chains
      • Assets
      • Writeups
      • Test Suites
      • Report Templates
        • Overview
        • Tutorial
        • Tips & Tricks
        • Troubleshooting
        • Template - Report Templates
        • Template - Tags
        • Template - Options
        • Template - Functions
        • Template - Filters
        • Template - Styles
        • Template - Tables
        • Template - Charts
        • Template - Conditions
        • ReportGen CLI
        • ReportGen Library
      • Users
      • Administration
      • Flows
      • Self-Service RESTful API
        • GETTING STARTED
        • EXPORTING TO CSV
        • ADVANCED QUERY FILTER
        • ActivateUser
        • AddProjectMembershipAdministrators
        • AddTestcaseToTestsuite
        • AddTestcasesToTestsuite
        • AddUserToGroup
        • ApproveProjectRequestById
        • ArchivePortfolio
        • ArchiveProject
        • CancelProjectRetestRound
        • CloneProject
        • CompleteProjectRetestRound
        • CreateAssetInLibrary
        • CreateGroup
        • CreatePortfolio
        • CreateProject
        • CreateProjectNote
        • CreateProjectRequest
        • CreateProjectTestCase
        • CreateProjectWorkspaceNote
        • CreateRemediationNote
        • CreateScope
        • CreateTestcaseNote
        • CreateTestsuite
        • CreateUser
        • CreateUsers
        • CreateVulnerability
        • CreateVulnerabilityBulk
        • CreateVulnerabilityLibraryIssue
        • CreateVulnerabilityWithLibrary
        • DeactivateUser
        • DownloadProjectTestCaseFile
        • DownloadProjectTestCaseNoteFile
        • DownloadProjectTestCaseWorkspaceNoteFile
        • DownloadVulnerabilityEvidence
        • DownloadVulnerabilityLibraryFile
        • DownloadWorkspaceFile
        • GetApplicationAuditLogs
        • GetAssets
        • GetAssetsByGroup
        • GetAssetInLibrary
        • GetAssetsInLibrary
        • GetCustomFieldsConfig
        • GetFormConfig
        • GetGroup
        • GetGroups
        • GetMostCommonVulnerabilities
        • GetMostFailedTestcases
        • GetMostVulnerableAssets
        • GetPortfolio
        • GetPortfolios
        • GetPortfolioStream
        • GetProjectAuditLogs
        • GetProjectById
        • GetProjects
        • GetProjectsAndVulnerabilities
        • GetProjectsByGroup
        • GetProjectMembershipAdministrators
        • GetProjectNotes
        • GetProjectReport
        • GetProjectReportData
        • GetProjectRequests
        • GetProjectRequestById
        • GetProjectTestcasesById
        • GetProjectVulnerabilitiesById
        • GetProjectWorkspace
        • GetTestsuiteById
        • GetTestsuites
        • GetUserByEmail
        • GetUserById
        • GetUserByUsername
        • GetUserAuditLogs
        • GetUserGroups
        • GetUserLoginHistory
        • GetUserProjects
        • GetUsers
        • GetVulnerabilityById
        • GetVulnerabilities
        • GetVulnerabilitiesByAssetName
        • GetVulnerabilitiesByGroup
        • GetVulnerabilityLibraryIssues
        • GetVulnerabilityRevisionHistory
        • InviteUserToProject
        • InviteUsersToProjectTeam
        • RejectProjectRequestById
        • RegenerateAPIKey
        • RemoveProjectMembershipAdministrators
        • RemoveProjectTeamMembers
        • RequestNewProjectRetest
        • RestoreProject
        • SendEmail
        • SendDailyCommencementEmail
        • SendDailyCompletionEmail
        • UpdateAssetInLibrary
        • UpdateCustomFieldsConfig
        • UpdateExecSummaryNotes
        • UpdateFormConfig
        • UpdateGroup
        • UpdatePortfolio
        • UpdateProjectById
        • UpdateProjectMembershipAdministrators
        • UpdateProjectNote
        • UpdateProjectRequestById
        • UpdateProjectRetestRound
        • UpdateProjectWorkspaceNote
        • UpdateScope
        • UpdateTestcase
        • UpdateTestcaseOnTestsuite
        • UpdateTestsuite
        • UpdateUserAccessOnGroup
        • UpdateUserAccessOnProject
        • UpdateUser
        • UpdateVulnerabilityById
        • UpdateVulnerabilityLibraryIssue
        • UpdateVulnerabilitySLAs
        • UpdateVulnerabilityWithLibrary
        • UploadTestcaseFile
        • UploadVulnerabilityEvidence
        • UploadVulnerabilityLibraryFile
        • UploadWorkspaceFile
      • Self-Service Events API
        • GETTING STARTED
        • Project Created
        • Project Updated
        • Project Request Created
        • Project Request Updated
        • Project Retest Requested
        • Project Retest Completed
        • Project Retest Cancelled
        • Vulnerability Created
        • Vulnerability Updated
        • Vulnerability Evidence Created
        • Vulnerability Evidence Updated
        • Vulnerability Remediation Note Created
        • Vulnerability Remediation Note Updated
    • AFScript
    • Access Control Matrix
    • Raising Support Tickets
    • Security
  • Contact
Powered by GitBook

Check YouTube for more tutorials: https://youtube.com/@attackforge

On this page
  • Overview
  • Configuring Asset Fields
  • Creating Assets
  • Viewing & Updating Assets
  • Importing Assets
  • UI Import
  • Self-Service API
  • Grouping and Managing Access to Assets
  • Archiving Assets
  • Importing Vulnerabilities on a Project
  1. Core & Enterprise
  2. Modules

Assets

PreviousAttack ChainsNextWriteups

Last updated 7 months ago

Overview

Assets module can help you to centralize and maintain all of your assets in one place. Using this module, you can define a new asset, store its properties and metadata, and assign it to projects and groups.

You can utilize the UI import option or the Self-Service APIs to import assets into this module, for example via CMDB.

This module is optional and can be enabled & disabled via Administration module.

When the Assets module is enabled, the scope sections on projects will reflect the available assets in this module.

Configuring Asset Fields

You can create custom asset fields from the Administration module.

You can take advantage of custom field access controls to have different asset forms and fields for different types of Roles, Groups or Users. This means customers, business units, teams or individuals can have tailored asset fields based on their needs.

Creating Assets

You can create a new asset by clicking on New Asset button.

Viewing & Updating Assets

You can view the details for an asset by clicking on its name. Here you can update the asset or view its vulnerabilities.

!IMPORTANT: If you update the name of the asset, it will automatically update the name of the asset on all projects and vulnerabilities which are also linked to/referencing this asset.

Importing Assets

You can import assets from the Assets module using the UI import option or the Service Service RESTful API.

UI Import

Self-Service API

Grouping and Managing Access to Assets

You can use Asset Libraries to assign your assets into libraries. This makes it easier to manage and group your assets, and to also configure assets for different customers, business units, networks, platforms or teams.

Asset libraries can be configured from the Administration module.

Assets can belong to one or more libraries, allowing to share access or ownership of assets and to reducing asset duplication.

Asset libraries can have access controls to manage who can View or Edit the assets.

Asset library access controls can be applied to Roles, Groups or Users, and assigned with either View or Edit privileges.

Users with View access to an asset library will be able to see the asset and any vulnerabilities for which that user has access to via their projects.

Users with Edit access to an asset library will be able to make changes to an asset, including ability to archive the asset or link additional asset libraries.

Uncatalogued assets (assets which do not belong to any libraries) can be restricted by access controls from the Administration module

!IMPORTANT: Users without Edit access to at least one asset library or uncatalogued assets will not be able to import vulnerabilities on a project

Bulk actions can be used to bulk assign assets to libraries.

Archiving Assets

You can archive assets. If you accidentally archive an asset, you can always restore it from the Archived Assets section.

!IMPORTANT: If you archive an asset from the library - it will NOT delete the asset from a project, or any vulnerabilities linked to/referencing that asset.

Importing Vulnerabilities on a Project

When importing vulnerabilities on a project - the application will check to see if the affected asset for the vulnerability already exists in the library. If it does not exist - it will automatically create the new asset in the library for you.