Explore Risk Advisories
Add a technology stack for your software asset, and we’ll show you a preview of risk advisories based on the Common Vulnerabilities and Exposures (CVE) standard for that stack.
This integration supports the following asset types:
- Web
- Mobile
- API
- Combined assets that include the listed types
Add a Technology Stack for Your Asset
When you create or update an asset in the Cobalt app, add a technology stack for it:
-
Once you’ve specified the asset type, select Add Technology, and start typing the technology name. We’ll show you a list of technologies that match your input. The list contains only valid technologies.
-
Select a technology with the exact version number.
-
If your technology version is missing from the list, you can request to add it. Start typing the technology name, and then select Add new version. In the overlay that appears, submit a technology and its version, and we’ll validate it for you.
Select the key for specific examples.
-
Add more technologies to the stack.
When you create a pentest for this asset, the technologies that you added populate in the Technology Stack field on the Set Requirements page.
Preview Risk Advisories
Now you can preview potential vulnerabilities for your asset on the Risk Advisory tab. Here, you can see the following details for each vulnerability:
- Vulnerability ID in the CVE system
- Severity level in the Common Vulnerability Scoring System (CVSS)
- Technology with the version number that you added
Select a vulnerability to view detailed information on the National Vulnerability Database (NVD) website. Learn how to remediate potential issues with your asset, and take the required action.
