Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)
Add new alert rule
Alert rule presets can be created here. The preset created here and set as default is automatically applied in all projects.
Other global presets can be used to quickly import presets to projects by clicking on the Import Global Preset button under project settings. If there's a global default preset, other rules entered at the project level work alongside that global preset, and alerts are sent for all conditions satisfying them. Global presets imported to projects can be edited under projects. However, it applies the changes only to the project-level rules.
Create alert presets
A preset can be created by clicking on the +Add Preset button. A preset needs to be given a name, and you can insert rules by clicking on the +Define New Rule button.
Available selection criteria
The selections available are as follows and all combined selections indicated by a + sign below are treated as "AND" statements:
1. OWASP Top 10 Category + Severity Level
OWASP Top 10 categories can be used on their own to send alerts whenever vulnerabilities in that category are discovered or can be combined with the severity level.
2. PCI Requirement + Severity Level
PCI Requirement categories can be used on their own to send alerts whenever vulnerabilities in that category are discovered or can be combined with the severity level.
3. Severity Level + OWASP Top 10 Category
Severity level can be used on its own to send alerts whenever vulnerabilities in that category are discovered or can be combined with OWASP Category.
4. Scan Risk Score
Alerts can be sent when the risk score of a scan is higher than a specific risk score or the organization's risk score.
5. WOE in Days + Severity Level + OWASP Top 10 Category
If alerts are to be sent when particular vulnerabilities remain open for more than a certain amount of time (in days), then WOE in days should be selected first, and then it should be combined with severity and OWASP categories. WOE in Days can also be chosen alone, which sends alerts for all vulnerabilities remaining open for more than the specified number of days.
Invicti AppSec sends a second alert one week after sending the first notification in case the issue still remains open. The second alert is sent with all team leads in the project cc'd to the email if email is selected as the notification channel.
6. Scan Frequency
Notifications can be sent when the project hasn't been scanned for more than a certain amount of time (in days).
7. Scan Duration
Notifications can be sent when a scan takes longer than a specific time.
Alert rules management
All rules entered appear on the Alert Rules table, consisting of Rule Name, Value, and Action columns. Editing and deleting are available on the Actions column for each alert rule created.
Benefits
- Automated notifications: Stay informed about critical vulnerabilities and scan issues
- Flexible criteria: Combine multiple conditions to create precise alert rules
- Global and project-level: Apply rules organization-wide or customize for specific projects
- Multiple channels: Send alerts via email, Slack, Teams, and other communication tools
- Follow-up alerts: Automatic reminder notifications for persistent issues
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center