Reviewing & QAing Vulnerabilities
Start by creating Review Notes for each of your vulnerabilities. You must have Edit permissions on the project to do so.
You can also access Review Notes from the
Select a topic from the drop-down menu, and add your comments, then click Create.
An email will be sent to the person who created the vulnerability to notify them of your revision note. This email will include the entire note.
You can reply to a review note by clicking on the arrow button.
When replying, you can select the relevant comments you are replying to, then enter your reply.
An email will be sent to the person whose note you are replying to, to notify them of your reply. This email will include their entire note and your entire note.
To perform efficient reviews & QA, you can select multiple vulnerabilities that you wish to review, and then review each vulnerability one-by-one. You can access all information, including evidence & review notes, on one screen.
Start by navigating to the project vulnerabilities page, and use the page menu to select Edit Multiple Vulnerabilities.
Select the vulnerabilities you would like to include in your review, then use the page menu and click on Individually Updated Selected Vulnerabilities.
You can view all review notes and information for the vulnerability on this page. Once you have finished your review or made the changes, click on Update & Next to save your changes, or Next to view the next vulnerability in the list for review/QA.
Once you have finished reviewing all vulnerabilities, you will see the Next option is no longer available - meaning you have reached the end of the review.