You can import data from an unsupported third-party product or from manual penetration testing by formatting the information in a CSV file.

If you're uploading finding information, two key pieces of information are required — the asset identifier and the master finding source code.

If you're uploading only asset information, just the asset identifier is needed.

Identifying the asset

At least one of these asset identifiers must be specified. During import, Resolve examines these items in the following order to determine if the asset already exists in the database or if the asset must be created.
  • AssetIpAddress — The IP address of the asset
  • AssetDnsName — The DNS name of the asset
  • AssetName — The name of the asset

Identifying the master finding

Resolve uses an ID called the master finding source identifier to determine if a master finding for the reported vulnerability exists in the database or if a new master finding must be created.

The source identifier is a string that consists of an abbreviation, a colon, and a unique identifier. The abbreviation represents the product, tool, or method that the master finding originated from. The unique identifier could be a GUID or text describing the vulnerability. The table shows several examples from different sources.

Table 1. Example source codes
  • ASE:phishinginframes
  • ASE:xssprotectionheader
IBM Security AppScan Enterprise
  • BUR:1049216
  • BUR:1050112
PortSwigger Burp Suite
  • CX:2218
  • CX:2320
Checkmarx CxSAST
  • M:1a2b3c-4d5e
  • M:internal-app
Manually imported from a CSV file
  • MAN:M:488467
  • MAN:QLS:82003
Manually created through the Resolve interface

Determining the source code

If the master finding for a vulnerability included in the CSV file exists in Resolve, you can find the corresponding source code in the Findings area of the Administration module. See View master finding source codes.

If the finding doesn't have a corresponding master finding in the database, you can create your own custom source code. These source codes must start with M: followed by a unique identifier of your choosing. M:1a2b3c-4d5e and M:internal-app are both acceptable examples of source codes.
Note: Do not use MAN: as the abbreviation. This is reserved for findings created manually through the Resolve interface.

Example CSV formatting

The following screenshot shows a CSV file with four findings to be added to Resolve.

For a list of supported columns, see Allowed columns for CSV import.