Operations Module Overview
The Operations module serves as the central hub for security assessment tracking, managing assets discovered during engagements, vulnerabilities identified by scanning tools, and physical security data from field operations. It provides sophisticated import capabilities, relationship mapping, and validation workflows to support the complete assessment lifecycle.
Core Components
Asset Inventory
Maintain a comprehensive inventory of discovered assets including:
- IP Addresses - Network hosts and endpoints
- Hostnames - Domain names and DNS records
- Email Addresses - Discovered email accounts
- Credentials - Leaked or compromised credentials
- Badges - Company identification badges
- Physical Addresses - Location information
- Custom Asset Types - User-defined asset categories
Vulnerability Tracking
Track security findings with complete metadata:
- Severity Levels - Critical, High, Medium, Low, and Informational classifications
- CVSS Scoring - Common Vulnerability Scoring System metrics with vector strings
- CVE/CWE Tracking - Link to Common Vulnerabilities and Exposures and Common Weakness Enumeration
- Status Workflow - Progress vulnerabilities through open, confirmed, remediated, false positive, and accepted states
- Manual Validation - Document validation evidence and notes
Physical Security
Track physical penetration testing data from ATLAS imports:
- Field Notes - Observations and documentation from field operations
- Points of Interest (POIs) - Geographic locations with coordinates
- RFID Cards - Captured card data with facility codes
- Captured PINs - PIN codes associated with access control
- Magstripe Cards - Magnetic stripe data with track information
Import Management
Multi-format import system supporting major security tools:
- Automatic format detection
- Intelligent deduplication
- Asset-vulnerability relationship mapping
- Import tracking with success/failure reporting
Key Features
Advanced Filtering
Multi-select filtering system with options for:
- Project and component selection
- Asset type filtering
- Status and severity levels
- Import source tracking
- Service and protocol filtering
Floating Window Editors
Modern floating window interface for viewing and editing:
- Minimize and restore windows
- Side-by-side comparison
- Quick navigation between records
- Inline editing capabilities
Bulk Operations
Efficient bulk processing for:
- Creating multiple records at once
- Batch status updates
- Bulk validation with shared notes
- Mass deletion with confirmation
Real-Time Statistics
Live dashboard showing:
- Total assets and active counts
- Vulnerability severity breakdown
- Validation progress metrics
- Component-level statistics
Asset-Vulnerability Mapping
Automatic relationship tracking:
- Map vulnerabilities to affected assets
- Track ports, protocols, and services
- Aggregate related data across mappings
- Navigate between related records
Manual Validation Workflow
Structured validation process:
- Mark vulnerabilities as manually validated
- Record validation notes and evidence
- Track validator and validation date
- Bulk validation support
flowchart LR
A[Import Scans] --> B[Review] --> C[Validate]
C --> D{Status}
D -->|Confirmed| E[Map to Report] --> F[Remediation]
D -->|False Positive| G[Archive]
Supported Import Formats
| Format | Extension | Description |
|---|---|---|
| Burp Suite | XML, HTML | Web application scanner results |
| Nessus | XML | Vulnerability scanner findings |
| Nexpose | XML | Rapid7 vulnerability data |
| NodeZero | CSV | Autonomous penetration testing results |
| BloodHound | ZIP | Active Directory attack paths |
| ATLAS | JSON | Physical security field data |
| Nmap | XML | Network discovery and port scanning |
| Nuclei | JSON | Template-based vulnerability scanning |
| SPEAR Format | JSON | Standardized import format |
Module Structure
The Operations module is organized into three main areas:
- Assets - Asset inventory management and import
- Vulnerabilities - Vulnerability tracking and validation
- Physical Security - ATLAS data and physical assessment tracking
Integration Points
The Operations module integrates with:
- Projects - Assets and vulnerabilities are scoped to projects and components
- Reporting - Vulnerabilities can be mapped to report findings
- Import System - Unified import processing for all supported formats
- User Management - Validation tracking includes user attribution