Ostorlab lets you monitor your assets. Scans can be triggered automatically, either periodically or whenever a change is detected, so that you are always the first to know of any vulnerability.
Monitoring your assets ensures that:
- All your applications' third-party dependencies are vulnerability-free;
- Remediation is fast, since you are the first to be alerted of any newly introduced vulnerability.
Two types of monitoring rules are available.
A scan automatically triggers under the following conditions:
- New version released on the store: Ostorlab checks the store continuously to detect updated versions of your application and triggers a new scan.
- Once every X days: Ostorlab scans your application periodically, at the interval you specify. This is useful for covering applications with silent updates or code push, for instance Microsoft React Native Code Push.
- On a cron schedule: as with cron jobs, this type of monitoring rule lets you schedule recurring scans with a cron expression. For example, 0 0 * * WED runs a scan at 12:00 AM every Wednesday.
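To check when a cron-based rule would fire before creating it, the following added example (not Ostorlab code) expands a five-field cron expression and returns the next run times and the longest interval between scans. It assumes standard cron semantics and naive local time; all function names are hypothetical.

```python
from datetime import datetime, timedelta

# Assumption: standard five-field cron (minute hour day-of-month month day-of-week).
BOUNDS = [(0, 59), (0, 23), (1, 31), (1, 12), (0, 7)]
DAYS = {d: i for i, d in enumerate(["SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT"])}

def expand(field, lo, hi):
    """Expand one field (*, n, a-b, comma lists, /step, day names) to a set."""
    out = set()
    for part in field.upper().split(","):
        rng, _, step = part.partition("/")
        if rng == "*":
            first, last = lo, hi
        else:
            a, _, b = rng.partition("-")
            first = DAYS[a] if a in DAYS else int(a)
            last = (DAYS[b] if b in DAYS else int(b)) if b else (hi if step else first)
        if not lo <= first <= last <= hi:
            raise ValueError(f"field {field!r} outside {lo}-{hi}")
        out.update(range(first, last + 1, int(step or 1)))
    return out

def parse(expr):
    fields = expr.split()
    if len(fields) != 5:
        raise ValueError("expected 5 space-separated fields")
    sets = [expand(f, lo, hi) for f, (lo, hi) in zip(fields, BOUNDS)]
    sets[4] = {d % 7 for d in sets[4]}  # 7 is an alias for Sunday
    # Classic cron: when both day fields are restricted, either one may match.
    either = fields[2] != "*" and fields[4] != "*"
    return sets, either

def next_runs(expr, start, count):  # first `count` fire times strictly after start
    (minutes, hours, doms, months, dows), either = parse(expr)
    t = start.replace(second=0, microsecond=0)
    runs = []
    for _ in range(count * 366 * 24 * 60):  # bound the search for dead rules
        t += timedelta(minutes=1)
        dom_ok, dow_ok = t.day in doms, (t.weekday() + 1) % 7 in dows
        day_ok = (dom_ok or dow_ok) if either else (dom_ok and dow_ok)
        if t.minute in minutes and t.hour in hours and t.month in months and day_ok:
            runs.append(t)
            if len(runs) == count:
                return runs
    raise ValueError(f"{expr!r} does not fire {count} times in the search window")

def longest_gap(expr, start, count=10):  # worst-case time between two scans
    runs = next_runs(expr, start, count)
    return max(b - a for a, b in zip(runs, runs[1:]))
```

For the rule above, `next_runs("0 0 * * WED", datetime(2024, 1, 1), 3)` returns the next three Wednesdays at midnight, and `longest_gap` reports 7 days, the longest a change could wait for its next scheduled scan under that rule.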
Creating a monitoring rule follows the same steps as creating a scan. You can access the rule details in the monitoring menu. Clicking on a monitoring rule shows the list of created scans. The list contains the tested version, the risk rating and a summary of identified vulnerabilities. You may click on individual scans to access the full scan report.
Monitoring rules can be disabled to stop the creation of new scans, or fully deleted.