Correct management of the Attack Resistance Management is critical in a successful security testing process. This is why in recent months, we have been implementing a series of improvements in the management of the roots (GIT repositories, environments). We seek to facilitate administration, ensuring the integrity and traceability of the information recorded.

Therefore, from the Scope section of our ARM, you can activate, deactivate, move or edit the roots associated with the group.

In order to maintain the integrity of the information, we must take into account that for the Roots edition

• the URL is allowed to be edited if it doesn't have reported vulnerabilities, and
• the Branch can be edited in all cases. 

There are two possible reasons for deactivating a root:

• It is out of scope
• It has been registered by mistake

In either case, the associated vulnerabilities are closed, and it is made clear that this is due to a change in the scope of testing.

In addition to the above, you can also move roots to other groups of the same organization, taking into account that

• the root doesn't exist in the destination group, and
• all vulnerabilities associated with this root will be migrated to the new group.

It is important to remember that the success of the testing depends on the proper management of its scope, so we are attentive to answer any questions you may have.