You can import data from an unsupported third-party product or from manual penetration testing by formatting the information in a CSV file.
If you're uploading finding information, two key pieces of information are required — the asset identifier and the master finding source code.
If you're uploading only asset information, just the asset identifier is needed.
Identifying the asset
- AssetIpAddress — The IP address of the asset
- AssetDnsName — The DNS name of the asset
- AssetName — The name of the asset
Identifying the master finding
Resolve uses an ID called the master finding source identifier to determine if a master finding for the reported vulnerability exists in the database or if a new master finding must be created.
The source identifier is a string that consists of an abbreviation, a colon, and a unique identifier. The abbreviation represents the product, tool, or method that the master finding originated from. The unique identifier could be a GUID or text describing the vulnerability. The table shows several examples from different sources.
|IBM Security AppScan Enterprise|
|PortSwigger Burp Suite|
|Manually imported from a CSV file|
|Manually created through the Resolve interface|
Determining the source code
If the master finding for a vulnerability included in the CSV file exists in Resolve, you can find the corresponding source code in the Findings area of the Administration module. See View master finding source codes.
Example CSV formatting
The following screenshot shows a CSV file with four findings to be added to Resolve.
For a list of supported columns, see Allowed columns for CSV import.