Vulnerability Generation

AI can generate complete vulnerability entries from minimal input. This is one of the most time-saving features when building your vulnerability library or writing findings.

Generating from the library

On the vulnerability edit page, click Generate with AI at the top. Provide a title for the vulnerability (e.g. "SQL Injection in Login Form") and the AI will generate:

• A detailed technical description
• Impact assessment
• Step-by-step remediation guidance
• Relevant references

The generated content follows the field structure of your vulnerability template, so it fills in exactly the fields you have configured.

Generating findings in reports

When editing a finding in a report, each text field has a Generate button (the sparkle icon). Click it to have the AI generate content for that specific field based on the finding title and any existing context in the report.

This works well for writing the first draft of a finding. Generate the content, then review and adjust it to match the specifics of what you actually found during the assessment.

Tips for better results

• Use descriptive titles. "SQL Injection" will give you generic output. "Blind SQL Injection in search parameter allowing data exfiltration" gives much more targeted content.
• Generate one field at a time and review before moving to the next. The AI uses the existing content as context, so a good description helps it generate a better remediation section.
• Always review and edit AI-generated content. It provides a solid starting point but should be tailored to the actual findings of your assessment.