Examples

Introduction

Examples are additional data points stored against an asset and a finding. An example is an instance of a finding relating to an asset. This serves as the evidence to prove a finding or to help a client reproduce the issue.

Examples are generally expanded descriptions of issues that include screenshots, code samples, request/response data (from network communications such as HTTP proxy logs), etc.

Access control

Access to examples is based on access to the finding. If the user can access the finding, they can access the example content.

The example list

The example list is available on the finding view:

Examples are nested under assets. An example can only be linked to a single asset - i.e. the example is the instance of a finding relating to the asset. An asset can have multiple examples associated with it, however.

Adding/Editing examples

Adding or editing an example is carried out from the finding view via the "ADD -> Example" button. Once the edit window is open, the user can set the title, associate the example with an asset, and add any additional data points or detailed descriptions via the WYSIWYG field.

Outputting examples in reports

It is possible to include/exclude examples for repo

By default, examples imported from tools are always set to output.

Deleting examples

Examples can be deleted from the finding view by selecting them and deleting them: