Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)
Automation rules overview
Automation rules except suppression rules can be entered on a global or on a project level. Suppression rules can only be entered on a global level.
Global automation rules
Default rules
Rules defined globally and set as default are applied to all projects without exception. These rules ensure consistent automation across your entire organization.
Template rules
Other rules not set as default can be used as quick templates to import while entering project-level automation rules. This provides flexibility while maintaining standardization.
Project-level automation rules
Along with the global rules set as default, project-level automation rules can also be used in the projects. This allows for project-specific customizations while maintaining organizational standards.
In case there's an automation rule entered on the global level and a project-level rule at the same time, both will be checked by Invicti AppSec separately.
SLA levels
It's also possible to set global SLA levels to determine the acceptable time frame to fix vulnerabilities from each severity category.
When an SLA level is edited, it impacts all vulnerabilities discovered both before and after the editing takes place.
Rule hierarchy
The automation system works with the following hierarchy:
- Global default rules: Applied to all projects automatically
- Project-level rules: Applied in addition to global default rules
- Template rules: Available for import at the project level
- Suppression rules: Only available at the global level
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center