Security
Introduction
Kapstan Security is a comprehensive solution for vulnerability management and remediation. It is designed to simplify and streamline the complex process of identifying, tracking, and mitigating vulnerabilities across an organization's entire infrastructure.
To access Vulnerability Management click on Security
from the left navigation bar. Alternatively, navigate directly by visiting: https://app.kapstan.io/security/dashboard
Dashboard
Kapstan Security simplifies the management of vulnerability data by serving as a central hub that effortlessly aggregates information from various vulnerability scanner tools. It unifies your data and presents it in a user-friendly dashboard
While currently in its Beta stage, Kapstan Security offers integration with Dependabot. We are actively working on expanding our compatibility with other tools. Stay tuned for future updates that will extend our range of compatible tools. You can see the following in the dashboard:
- Vulnerability Metrics
- Get a quick snapshot of the total vulnerabilities across your projects.
- The circle chart provides an immediate breakdown based on severity: Critical, High, Medium, and Low. - This allows you to prioritize fixes based on potential risks.
- Vulnerability Over Time
- The line chart visualizes the trend of vulnerabilities over weeks, giving insights into the frequency and type of vulnerabilities cropping up over time.
- This can be crucial for understanding the health of your projects and determining if certain changes led to an increase or decrease in vulnerabilities.
- Projects List
- View a list of all your projects along with a breakdown of vulnerabilities by severity.
- This makes it easy to identify which projects might require more immediate attention.
Project-specific View
- Dive deeper into a specific project by clicking on it from the projects list.
- View detailed vulnerability metrics, and a list of specific vulnerabilities identified.
- Each vulnerability item provides a title, the source of the vulnerability, its current status, and a score indicating its severity.
- Direct actions can be taken for each vulnerability. You can do the following:
- Raise Jira Ticket: Quickly create a ticket for your team to start working on the fix.
- Post Slack Message: Notify your team about the vulnerability for immediate attention.
- Ignore Vulnerability: In case the vulnerability is a false positive or not relevant, you can choose to ignore it.
Now that we understand the dashboard, it's time to dive into how to triage Vulnerabilities & take action.
We hope this provides a clear picture of how the Vulnerability Management Tool can help streamline your security processes and ensure the robustness of your projects. Dive in, explore more, and keep your projects secure!