Creating a Custom Field in Kenna.AppSec

AppSec Custom Fields 

Within Kenna, there are several available data fields that are presented by default on the finding level. When you need a field not listed, you can create a custom field at the findings level. Custom fields allow you to apply additional metadata to findings.

Some examples include having internal application IDs for specific categories of findings, an owner field for findings, notes fields, alternate solutions, and date fields that are not standard but relevant for some application groups. 

Data Types for AppSec Custom Fields

• Date - Date fields support a calendar date. When editing a date-based custom field, a calendar popup will appear to select the date. You can also manually input a date in MM/DD/YYYY format. This type of custom field can be used to mark the date a finding is due or a date to review the finding status.  
• Numeric - Numeric fields support any number. This number can include decimals.  
• Short String - Short String fields support up to 50 characters of text. This can be used for additional notes, marking an Owner of a finding, or any other text-based data.  
• Long String - Long String fields support up to 500 characters of text. This can be used to set a description of a finding or anything else that requires more than 50 characters. 
• Text Dropdown - Text Dropdown fields serve as a list of choices that appear when a user clicks on the title. This field can be used, for example, to list the level of priority for the finding internally.  
• Attachments - Attachment fields support up to 2MB in size per attachment. The attachments supported can end in the following formats: .pdf, .jpeg, .jpg, .png, .xlsx 

Creating an AppSec Custom Field 

1. Navigate to the gear in the upper right-hand side of your browser and from the dropdown menu, select Custom Fields.

2. From the Custom Fields page, click the + Create Custom Field button.  

3. Complete the fields shown to include a name for the field and a description (optional).  Select the product (ex. AppSec) and then select the type of data field desired.  

4. After clicking the Save button, there is a green banner confirming the custom field was successfully created. To see all the existing AppSec custom fields, click on the AppSec tab. 

5. After you create your desired custom fields, they are automatically available for all findings. You can now add data to these custom fields, individually, or in bulk if the entry you are adding is the same across a group of findings.  

To add data in bulk:  

1. Select all findings to which you would like to add data and click Edit. 
2. Select the custom field you wish to edit and input the information. This is applied to all selected findings.  

To add to a single finding, there are 2 options.  

1. Select the finding and click Edit.

2. Click the blue arrow (finding details) on the right-hand side of the finding, and then click on the data type you would like to update