What is an advisory?

What Google says….

What Uleska says

In the Uleska platform, each customer has the ability to add their own advisories; more simply put, if you have a specific way of recommending how a vulnerability should be remediated, we can dynamically override what 3rd party, custom, commercial & open-source tools recommend and standardize the recommendation text. We do this by associating vulnerability recommendation verbiage to your customer account and your advisories take precedence over what a tool says.

In the past, security professionals and technologists have used this functionality to help direct development teams towards their preferred technology stacks (e.g. you want everyone using spring-data which has SQL injection protection for free) without having to waste time verbally communicating the information indefinitely. 

So how can you do this?

1. In the navigation bar, click “Configuration” and go to the “Advisories” tab
2. Click “Add Advisory

1. Select an ASVS category that you want to change recommendation for e.g.

1. Add the HTML text for the vulnerability recommendation. The input for this section is HTML to allow custom report formatting if desired; plaintext can be entered here instead if formatting is not required.
2. Click “Save”