Triage is designed on top of a simple workflow covering several use cases, from remediating vulnerabilities received by your private Bug Bounty Program (Bountypage) to importing thousands of vulnerabilities from Scout, Devcore and Lookout.
The core of Triage is the filter screen where you can locate and remediate vulnerabilities. You can use each filter to locate a specific vulnerability item. Results can be grouped by title, affected asset and associated actions. Filters and groups work together. For example, you can filter to look for vulnerable Joomla! websites and group the results by asset. Grouping by action helps you identify what else you need to do to quickly remediate several issues or put the vulnerability catalogue in order.
Triaging a vulnerability
Follow these steps to resolve (triage) a vulnerability:
- Click the vulnerability you would like to triage.
- Review the information, screenshots, source snippets, etc.
- If you think the vulnerability can be triaged, click the "Triage" button.
Now the vulnerability is closed. Triage will remember that this issue is resolved and stop showing future variants of this same vulnerability. You can still access all triaged vulnerabilities or change your mind.
Vulnerabilities can be classified as new, duplicate, out-of-scope, etc.
- Open the vulnerability to be classified.
- Provide a classification status for the vulnerability. Mark it as new if this is the first time you have seen the vulnerability, or set the status to duplicate if you have seen it previously.
Once you have triaged several vulnerabilities, you can either group them by their status or use the stats screen to identify trends.
You will find the Stats button in the toolbar. Click the button to access all statistics and trends. If you have just started using Triage, you will need to wait 15 minutes for the first information to show up. All subsequent changes will trigger a statistics update every 15 minutes.