Purify v1.2 releases: All-in-one tool for managing vulnerability reports

vulnerability reports

purify

The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various (even custom) tools.

Purify is aiming to be a tool-agnostic application. Tool independence makes it possible to analyze results/findings/reports of any toolset. Technically, the report you want to upload should be one of the following:

  • JSON file
  • XML file
  • JSON object (most webhooks dispatch events as separate JSON objects)

This means you don’t need any special plug-ins to parse incoming reports. For this Purify introduces the concept of templates. Templates are code-free and user-friendly structures that parse reports the way you tell them.

Purify is able to remove duplicate results among various vulnerability scanners or tools. In addition, it can combine several results of the same tool based on selected fields and it is fully configurable. Purify does all this work to reduce the headache of the analyst.

Collect all your findings in one place, review/validate/track them, collaborate with your teammates, receive notifications via Slack, create Jira tickets, and many more.


Architecture

The hierarchy of Purify is simple:

  1. Project – the root component, can be a dedicated software project or a roaster of team projects

  2. Unit – the direct child of a project, may represent releases, sub-projects, or any other type of separation that makes sense to you

  3. Report – belong to a unit

  4. Template – attached to a report and used to parse issues

  5. Issue – extracted from a report and formatted based on a template

Changelog v1.2

  • Minor bug fixes
  • Minor UI updates

Install

Copyright (c) 2020 faloker