Bulk Findings assignment by Assessment Type

[roobixx]

Would like to have the ability to assign Findings to assessment types in bulk.

Use Case:
Currently using Nessus XML to import findings but have to select each finding manually to assign them to the assessment type. Would like to be able to do a bulk selection and assignment for findings.

[ccammilleri]

@roobixx glad to see you're using Serpico! If we were to support bulk editing of findings is there any other fields you'd like to see supported?

Are you using the auto_import function to automatically generate findings from nessus xml?

[roobixx]

We are loving Serpico! It has greatly streamlined our reporting process and time.

We use the auto_import function almost exclusively right now. Right now we have hacked together the ability to select which assessment_type the XML file is related to on upload so that the findings are prepopulated with the assessment_type. This is working well for us right now but its not very clean in terms of code. (read much hackery)

In terms of other fields that would be nice to bulk edit, the biggest one for our use case would be to be able to change the severity in bulk. We can do this in Nessus but it would be nice to be able to do the same in Serpico.

One thought and maybe this should be another issue, would it be possible to change the assessment_type to a global variable in config.json like finding_type is rather than having it defined in serpico.rb? Would be nice to only have to edit one file to have custom finding and assessment types. Just a thought