The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools.
Purify is designed to analyze the report of any tool, if the report is in JSON or XML format. This means you don’t need any special plug-ins to process reports from your selection of tools.
Purify is able to remove duplicate results among various vulnerability scanners or tools. In addition, it can combine several results of the same tool based on some fields and it is fully configurable (no coding required). Purify does all this work to reduce the headache of the analyst.
Collect all security findings in one place, review/validate/track them, collaborate, get notifications(Slack), export them into tracking systems(Jira) and so on.
List of packages used for these modules:
Deployment With Nginx and MongoDB
- Local Setup : To start the Purify locally without certificates and other production things, you can do the following:
- Clone repository
docker-compose -f docker-compose.tests.yml up --build
- Docker-Compose : Before deployment you may want to configure a few things in docker-compose file
// if you want local mongodb
// update local path to the .env file (see api/.env.example)
// update local paths to certificate and key files
docker-compose up -d