Notes allow adding comments to a Vulnerability. They will also be displayed in the reports. A Note can be added to a specific result, a specific task, a risk level, port or host and as such will only appear in specific reports. A Note can be generalized just as well so that it will be displayed in all reports.
To create a new note select the finding in the report you want to add a note to and click New Note . Alternatively you can create a note without relation to a finding. However, the GSM can not suggest any meaningful values for the different fields in the following dialogue.
A new window opens in which exactly those criteria of the selected vulnerability are pre-set.
Individual values can be selected and unselected to generalize or the note even further or make it more specific. Additionally the note can be activated for a specific period of time. This allows adding of information to a note that a security update is uploaded in the next seven days. For the next seven days the note will be displayed in the report that the vulnerability is being worked on.
Any note can be generalized. In this example a quite extensive generalization is configured, matching any target host, port and task.
From this moment on the note is always shown in the results view if this Vulnerability matches. This applies for all previously created scan reports and for all future scan reports until the note is deleted.
The created notes can be displayed under Scan Management and Notes. Here completely new notes can be added as well.