VAPT Management

Overview

Sentinel is a unified vulnerability management platform designed to consolidate findings from multiple sources into a single, organized system. It enables streamlined tracking, management, and resolution of vulnerabilities across projects and products.

Key Components

  1. Projects: High-level containers (e.g., Critical Service, PCIDSS Project 2025).

  2. Products: Sub-components within a project (e.g., Product A).

  3. Findings: Vulnerabilities or issues identified via scanner outputs or manual input.

  4. Plugins & Tags: Mechanisms for categorizing and processing findings.

Step-by-Step Workflow

1. Project Creation

  • Role: Admin or ITSE (IT Security Engineer).

  • Action: Create a project (e.g., "Critical Service") to group related products and findings.

2. Product Creation

  • Role: Admin or ITSE.

  • Action: Within the project, create one or more products (e.g., "Product A") to represent specific services, applications, or components.

3. Upload Scanner Output or Manual Findings

  • Role: Admin or ITSE.

  • Action: Navigate to a specific product (e.g., Product A) and upload raw scanner output files.

    • Plugins: Specify the scanner plugin used (e.g., Nessus, Qualys, Snyk).

    • Tags: Apply relevant tags for categorization (e.g., web-app, infrastructure, manual-review).

    • Manual Findings: Tags are required, for consistency and automated processing.

4. Findings Population

  • Process: Upon upload, Sentinel processes the raw data using the selected plugin.

    • Findings are extracted, parsed, and populated into the system.

    • Each finding is associated with metadata (e.g., severity, description, affected component) based on plugin output.

5. Status Management and Closure

  • Automated Closure: If a finding identified in a previous upload (same plugin, same tags) is not present in a subsequent upload, Sentinel automatically marks it as Closed.

    • Rationale: Absence indicates the issue has been resolved or is no longer detectable.

  • Status Tracking: Findings remain Open if they persist across uploads with identical plugin and tag criteria.

Benefits

  • Unified Platform: Aggregates vulnerabilities from diverse sources (scanners, manual reviews) into one system.

  • Automated Workflow: Reduces manual effort in tracking and closing resolved findings.

  • Consistency: Tags and plugins ensure standardized categorization and processing.

  • Auditability: Clear history of findings, uploads, and status changes.

Example Scenario

  1. Admin creates project "Web Services".

  2. Creates product "API Gateway".

  3. Uploads a Nessus scan output with tag api-vulnerability.

  4. Findings (e.g., "SQL Injection") are populated.

  5. In the next Nessus upload (same tag), if the SQL Injection finding is absent, it is automatically closed.
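
The closure rule from step 5, applied to the scenario above, as an added example (not Sentinel's own code). The Tracker class, the use of title plus affected component to identify a finding, the re-open on re-detection, and the sample components are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Tracker:
    # (product, plugin, frozenset(tags)) -> {(title, component): status}
    scopes: dict = field(default_factory=dict)
    history: list = field(default_factory=list)  # audit trail of status changes

    def upload(self, product, plugin, tags, findings):
        """Apply one upload and return the finding keys it closed."""
        scope = (product, plugin, frozenset(tags))
        known = self.scopes.setdefault(scope, {})
        # Assumption: title + affected component identifies "the same" finding.
        seen = {(f["title"], f["component"]) for f in findings}
        for key in sorted(seen):
            if known.get(key) != "Open":  # new, or (assumed) re-detected
                known[key] = "Open"
                self.history.append((scope, key, "Open"))
        closed = sorted(k for k, s in known.items() if s == "Open" and k not in seen)
        for key in closed:
            known[key] = "Closed"
            self.history.append((scope, key, "Closed"))
        return closed

    def status(self, product, plugin, tags, title, component):
        scope = (product, plugin, frozenset(tags))
        return self.scopes.get(scope, {}).get((title, component))


def demo():
    # Constructed sample findings; components are made up for the example.
    sqli = {"title": "SQL Injection", "component": "/orders"}
    tls = {"title": "TLS 1.0 Enabled", "component": "gateway:443"}
    t = Tracker()
    t.upload("API Gateway", "Nessus", ["api-vulnerability"], [sqli, tls])
    # Different tag set: a separate scope, so nothing above is closed.
    other = t.upload("API Gateway", "Nessus", ["infrastructure"], [tls])
    # Same plugin and tag, SQL Injection absent: it is closed.
    closed = t.upload("API Gateway", "Nessus", ["api-vulnerability"], [tls])
    return other, closed, t


if __name__ == "__main__":
    other, closed, tracker = demo()
    print("closed by mismatched-scope upload:", other)
    print("closed by matching upload:", closed)
```

Under this rule an upload that is empty, or that covers fewer targets than the previous one, closes every finding it omits within the same plugin and tag scope, so scan coverage and tags need to stay constant between uploads.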
