Examples

Examples are additional data points stored against an asset and a finding. An example is an instance of a finding relating to an asset. This serves as the evidence to prove a finding or to help a client reproduce the issue.

Examples can are generally expanded descriptions of issues that include screenshots, code samples, request/response data (from network communications such as HTTP proxy logs), etc.

Access control

Access to examples is based on access to the finding. If the user can access the finding, they can access the example content.

Listing examples

The example list is available on the finding view:

image0

Note

Examples are nested under assets. An example can only be linked to a single asset. That is, the example is the instance of a finding relating to the asset. An asset can have multiple examples associated with it, however.

Adding/editing examples

Download video

Adding an example is carried out from the finding view by selecting the Example… option from the + ADD button’s menu. Once the edit window is open, the user can set the title, associate with an asset and add any additional data points or deleted descriptions via the WYSIWYG field.

image2

Outputting examples in reports

It is possible to include/exclude examples for reporting purposes. Selecting the example and setting it to output = yes/no will influence whether or not the example is output when generating a report. This can be useful in cases where you may have many examples, but only require a selection for illustration purposes.

image3

By default, examples imported from tools are always set to output.

Deleting examples

Examples can be deleted from the finding view by selecting them and deleting them:

image4