Skip to main content

3. Violation Reports

Violation Reports generally refer to compliance or policy violations that an automated scanner identifies. For instance, a daily script might check your codebase or server configurations and log any suspicious results:

  • NPM: Could be scanning for vulnerable dependencies in a Node.js project.
  • SERVER_SCAN: Might check server configurations, open ports, or outdated libraries.
  • SYNC: Another custom tool or integration that reports code or config discrepancies.

Once a violation is “found,” security engineers review it, assign it a State (e.g., “In progress”), and, after investigation, mark it “Resolved” or “Not processed” if it’s a false positive or low priority.

Use Cases 
  • Updating Vulnerable Dependencies

A daily NPM scan detects outdated packages in a Node.js project. Engineers mark the report as "In progress", update the dependencies, and resolve the issue.

  • Server Configuration Errors

A SERVER_SCAN identifies open ports. The IT team secures the ports and marks the violation as "Resolved".

  • Sync Discrepancies

A SYNC scan flags code inconsistencies after deployment. Developers review the logs, sync configurations, and close the report.

  • False Positives Management

An automated scan reports a minor issue. The security team reviews the report and marks it as "Not processed" if deemed harmless.

Typical Workflow

1. Daily/Periodic Scans

A security scanner (via API integration, not by default) runs on a server or code repository on a set schedule, reporting:

 "notFound" – No issues detected.

 "found" – Issues identified for review.

2. Report Creation

The system automatically creates a Violation Report entry, or a security engineer manually logs it.

Fields include:

  • Server name: Which server was scanned.
  • Tool: Name of the scanning tool (e.g., NPM, SERVER_SCAN, SYNC).
  • Result: Was a violation discovered (found) or not?
  • State: Whether the issue is “Not processed,” “In progress,” or “Resolved.”
  • Project: Which project or environment the server is linked to.
  • Created at/Updated at: Timestamps for when the record was created or last updated.
  • Description: Any extra details or logs from the scan.

3. Engineer Review

A security engineer checks the new violations.

If the issue needs action, they mark it as “In progress.”

Once it’s handled or deemed harmless, they set State to “Processed” (or a similar status).

Key Components

Table View

Columns Displayed:

  • Server name – Identifier of the scanned host.
  • Tool – Scanner used (e.g., NPM, SERVER_SCAN, SYNC).
  • Result – Violation detected? (Found / Not found).
  • Project – Associated project or environment.
  • Created at / Updated at – Timestamps.
  • State – Processing status (Not processed, In progress, Resolved).
  • Actions – ✏️ Edit icon to open the details panel.

Sorting & Total:

Sort reports by any column. The Total count shows how many entries match your current view.

Adding a Violation Report

To log a new compliance or policy violation:

1. Open the Add Form

Interface (53).png

Click the green + Add button in the top-right corner of the Violation reports table.

2. Fill in the Report Details

Interface (54).png

In the “Add violation report” side panel, complete the following fields:

  • Title –
    A short, descriptive name for the issue.

  • Status – Initial processing state (defaults to Open).
  • Severity – Select the impact levelissue (e.g., 1.0,“SQL 3.3,Injection 6.0)in Login”).

  • CVSS v3 Score
    Enter the numeric vulnerability rating (e.g. 7.5) based on the Common Vulnerability Scoring System.

  • Severity
    Choose Low / Medium / High / Critical—these map to your CVSS thresholds to give a quick visual cue.

  • Tool
    Select which scanner or pen-test tool generated this report (e.g. NPM, OWASP ZAP, Burp Suite).

  • Scan Type
    Codebase → reveals an extra Component text field (e.g. the repo path or module name).
    Server Scan → reveals Server IP and Server Hostname fields.

  • Component (only if Codebase)
    Free-text name of the sub-system or code module affected.

  • Server IP & Server Hostname (only if Server Scan)
    Identify the scanned host (e.g. 192.0.2.15 / api-prod-01.example.com).

  • Assigned to –
    Pick one or more engineers responsible for triage.

  • Scan type – Choose the context of the scan (Code base, Server scan, etc.).
  • Tool – Select which scanner produced this report (SYNC, NPM, SERVER_SCAN, etc.).
  • Component – (Optional) Specify the sub-system or code module.
  • Server name – (Optional) Hostname or IP address of the scanned system.

  • Project –
    Link this report to athe appropriate project or environment.

  • SLA (optional)
    Set a target remediation date.date/time.

  • Penetration report (Optional) optional)
    Link to a related pen-test entry.entry if available.

  • Description
    Use the Pasterich-text editor to paste or type detailed logs, error messages, or remediation notesnotes.

    using the rich-text editor.

3. Save the Report

When all mandatory fields are populated, click Save to create the new Violation Report.

The report will now appear in your table (and board) views, ready for review and triage.

EnhancedClosure Data CaptureWorkflow

ToWhen giveyou everymark a Violation Report richer“Processed,” riskit contextnow—rather rightthan upsimply front,updating the status—opens a mandatory Add ViolationClose Report” formdialog nowso collects:you capture a concise Resolution Summary. This guarantees every closed finding has:

  • Complete Context: How it was fixed or verified

  • Accountability: Who closed it and when

  • Audit Trail: Full details bundled into one log entry

What’s New

  • CVSSClose v3Dialog Score:Auto-Opens: ASelecting numeric“Processed” severityimmediately rating (e.g. 7.5) based onlaunches the Common Vulnerability Scoring System.modal.
  • Severity:Mandatory Summary: AYou dropdowncannot (Lowfinish /without Mediumentering /a Highbrief /resolution Critical) mapped to your CVSS thresholds.note.
  • Tool:Data Snapshot: TheRead-only scannerview orof pen-testall tool that produced the finding (e.g. NPM, OWASP ZAP, Burp Suite).
  • Scan Type: Choose between Codebase and Server Scan:

Codebase → an extra Component text field appears (e.g. repo path or module name).

Server Scan → two fields appear: Server IP (e.g. 192.0.2.15) and Server Hostname (e.g. api-prod-01.example.com).

  • Description: Same rich-text editor for detailed notes or logs.

All otheroriginal fields (Project, Title, AssignedCVSS, To,Severity, SLA,Tool, etc.)Scan remainType as+ before.

Component/Server,

WithDescription). these

  • Atomic additions,Audit everyLog: ViolationThe Reportsystem capturesrecords structuredthe risksummary, datacloser’s upfrontusername, and ensurestimestamp thattogether.
    • closing

    How It Works

    • Locate & Process: In Table or Board view, set State → Processed.
    • Review Snapshot: Confirm Project, Title, CVSS v3, Severity, Tool, Scan Type details, and Description.
    • Add Summary: Enter your remediation steps, verification, and notes.
    • Save to Close: Click Save: status flips to Closed; summary appears in details and audit logs.

    Benefit: Every closed report is now a reportself-contained alwaysrecord includesof awhat clear,was documentedfound, resolution.who fixed it, how, and when—making compliance and troubleshooting faster and more reliable.

    Editing a Violation Report

    1. Locate the record

    In Table view, scroll or search to find the row for the violation you want to update.

    In Board view, find the card in its status column.

    2. Open the edit form

    • Table: Click the Edit (✏️) icon in the Actions column.
    • Board: Hover over the card and click the pencil icon or the “⋯” menu, then choose Edit.

    3. Make your changes

    In the side-panel form you can update any field:

    • Status (Open, In Progress, Resolved, etc.)
    • Severity
    • Assigned to
    • Scan type, Tool, Component, Server name
    • SLA, Penetration report
    • Description (detailed notes or logs)

    4. Save

    Click Save at the bottom of the panel to apply your edits.

    Deleting a Violation Report

    • Find the violation
      In Table view, locate the row you wish to delete.

    • Click the trash icon
      Click the Delete (🗑️) icon in the Actions column for that row.

    • Confirm deletion
      In the confirmation dialog, click Delete again to permanently remove the report

    Warning: Deleted violation reports cannot be restored. Be sure you no longer need the record before confirming deletion.

    Filtering & Searching

    • Filter Panel:
      Click Filter to narrow by State or Tool.

    • Search Bar:
      Type a partial or full server name in the Search field to find specific reports instantly.

    Back to top