Products
This section explains how to register a new product on the platform, how products are grouped, and the rules for creating and organizing reports. It also describes the different types of products available in the system.
Registering a New Product
To register a new product on the platform, you need to follow the creation process through the interface or the provided APIs. When registering a product, the following basic information is required:
- Product Name: The name by which the product will be identified.
- Version: The specific version of the product.
- Description: Additional information that helps explain the features and purpose of the product.
- Product Type: The type of product (further details below).
- Tags: Tags associated with the product to help in classification and searching.
- Hierarchies: The hierarchies to which the product belongs (if applicable).
Each registered product can have multiple reports associated with it. However, each report type must be unique within the same product version. This means that you cannot have duplicate report types within the same version of a product, but multiple reports can be associated with the same product as long as their types are different.
Grouping Products
Products can be grouped in two ways:
- By Tags: Tags can be used to categorize products, which helps in searching and organizing them.
- By Hierarchies: Products can be organized into more complex levels or categories. A product can belong to several hierarchies at the same time, making it easier to place it in different contexts.
Product Types
There are several product types, each with different characteristics and purposes. Below are the available product types in the system:
- Application:
  A product of the “Application” type refers to a software application that runs on an operating system or a specific environment. These products are designed to perform specific tasks and can include web, desktop, or mobile applications.
- Library:
  A product of the “Library” type is a code library that is used to add specific functionalities to other applications or products. Libraries are not executable by themselves but provide functions, classes, or methods that can be used by applications integrating them.
- Firmware:
  A product of the “Firmware” type refers to specialized software integrated into hardware devices. Firmware is designed to control and manage specific hardware and is commonly found in electronic devices such as routers, printers, cameras, and more.
- Operating System:
  A product of the “Operating System” type refers to a complete operating system, such as Linux, Windows, macOS, etc. The operating system manages the hardware and system resources, allowing applications and users to interact with the device.
- Container:
  A product of the “Container” type refers to a software unit that packages an application and its dependencies into a single container. This allows applications to run consistently in any environment, whether local or in the cloud. Containers are popular in microservices-based infrastructures.
- Device:
  A product of the “Device” type refers to a physical device, such as a server, computer, IoT (Internet of Things) device, etc. These devices may be subject to firmware updates or interact with specific applications and operating systems.
Managing Reports by Product
Each product can have multiple reports associated with it. Reports provide detailed information about vulnerabilities, security assessments, and other important data related to the product. However, each report type must be unique within the same product version. For example, you cannot have two reports of the “Vulnerability Assessment” type for the same product version.
When registering a report for a product, the following details must be specified:
- Report Type: Defines the nature of the report (e.g., vulnerability assessment, code analysis, etc.).
- Creation Date: The date the report was generated.
- Product Version: The specific version of the product that the report corresponds to.
Reports must be unique by type within each product version, ensuring that there is no duplication of data and that each report provides distinct and valuable information.