Closed praetorian-peter-mueller closed 21 hours ago
This is in scope for our direction.
This is now solved; you can create risks that are associated to 'assets' which are loosely defined (by a simple label).
You can try this out using the 'create manual risk' option in the UI.
When creating a risk, one must associate that risk with a specific asset. Assets are apparently an IP:port combination. This is overly limiting. I request support for more kinds of assets, or for creating risks not associated with any particular asset.
For example, sometimes risks are not associated with an IP:port combination, but rather with one of the following things:
Rather than adding support for an indefinite number of kinds of assets, I think some kind of flexibility in asset kind is the right idea.