Support
Getting Started

Managing website groups in Invicti Enterprise

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Invicti lets you create website groups, so you can manage many websites easily. You can create different groups to differentiate websites, like production or staging website groups.

By grouping websites, you can:

  • Scan all websites in a group simultaneously, using the same Scan Policy
  • Get an overview of the security state of all websites in that group
  • Filter the list of websites by group
  • Assign permissions to team members by group (For further information, see Managing Teams in Invicti Enterprise)

Use cases for website groups

You can group websites depending on their location, state, or importance. Here are three practical examples:

  • Staging vs Live Environments
  • Locations of Websites
  • Technology

Example 1: Staging vs live environments

You can use Invicti Enterprise to scan web applications during the different stages of development and once they are live. Since you probably use different Scan Policies, you can group all the staging and live websites in different groups.

This enables you to scan all live websites simultaneously using a specific Scan Policy or scan all the websites on the staging server using another Scan Policy.

Example 2: Locations of websites

Because there are many differences between the US and EU laws, it is common to have US and EU based websites running under different configurations. And since you have to use different scan policies, you can use Website Groups to scan all the websites in a specific location.

Example 3: Technology  

You can group, for example, your websites by technology. If you group websites by technology, such as PHP, once a specific PHP vulnerability is announced, you can easily run scans on all the websites built with PHP by scanning that Website Group.

Multiple and default groups

Websites can be included in more than one Website Group, for example:

  • Company website (US, Critical groups)
  • Staging Company website (US, Staging, Non Critical groups)
  • Europe Employees Online Portal (EMEA, Critical groups)

By default, your Invicti Enterprise account has a built-in group called Default. This group cannot be deleted, and unless you specify otherwise, new websites you add to your Invicti Enterprise account will be automatically added to the Default group.

Website Groups columns

This table lists the columns displayed in the Websites page. All can be filtered.

Field

Description

Name

This column shows the name of the website group you provided while creating a website group.

Tags

This column displays the tags you added to the website group.

Description

This column shows the information of the website group you provided while creating the website group.

How to create a website group
  1. Log in to Invicti Enterprise.
  2. From the main menu, select Websites > New Group.

  1. In the Name field, enter a group name.
  2. In the Description field, enter information for the website.
  3. In the Website Group Tags field, enter tags.
  4. In the Websites field, select an option.
  5. Select those websites you want included in the group.
    • From the Website's Technical Contact drop-down menu, select an option. You can keep the current technical contact or choose a new contact.
  1. Select Save.

Once you create a website group, you can select Scan beside the website group to launch a security scan.

How to add a website to a group
  1. From the main menu, select Websites > Websites.
  2. From the Websites page, select the Edit button beside the website you want to add to a group.
  3. In the Website Groups field, check the group to which you want to add the website.
  4. Select Save.
How to edit a website group
  1. From the main menu, select Websites > Manage Groups.
  2. From the Website Groups page, select the Edit button beside the group you want to edit.
  3. Make whatever edits you want.
  4. Select Save.
How to delete a website to a group
  1. From the main menu, select Websites > Manage Groups.

To delete, the website group must not have any website associated with that group.

  1. From the Website Groups page, select Delete beside the group you want to edit.
  2. From the Delete Website Group pop-up, select Delete to delete the group.

Filtering website groups

Column filters

All columns can be filtered, using a highly customisable combination of Fields, Operators, and Values. Each is explained below. This is useful for teams that manage the security of many websites.

Filters & Values

This table lists the filters and values available for columns listed above. Select an option to filter the list by that criterion.

  • In many cases, values can be entered into the value field; in others, the value can be selected from a drop-down menu.
  • You can enter more than one filter at a time.

Field

Description

Value

Name

Select to filter by the website name as defined in the New Website page.

Enter a value.

Tags

Select to filter by tags

Enter a value.

Description

Select to filter by the description as entered in the New Website Group page.

Enter a value.

Operator

This table lists and explains the Operators available for filtering columns. They work in conjunction with the Field, Operator, and Value.

Operator

Description

Equal

This operator can be used for exact matching. For example, if you filtered by the Target URL http://www.example.com/, the filtered list of results would not also list http://api.example.com.

Not Equal

This operator can be used to exclude some results based on exactly matching. For example, if you filtered by the Target URL of http://www.example.com/, the filtered list of results would exclude scans for that one.

Contains

This operator can be used to include results if the filtered column contains the value. It does not matter where the value is. For example, you could filter for the word 'production'.

Not Contains

This operator can be used to exclude certain results on the Websites page.

Starts with

This operator can be used to filter for columns that begin with the value. For example, you could filter for Website fields that begin with the 'https://' scheme.

Ends with

This operator can be used to filter for columns that end with the value. For example, you could filter for Website Name fields ending with 'Staging'.

How to filter website groups in Invicti Enterprise
  1. From the main menu, select Websites> Manage Groups.
  2. From the Website Groups page, select the filter button () next to any header column.
  3. Select Clear to clear all fields.
  4. Add a New Filter.
  5. In the relevant filter, where relevant:
    • From the Field drop-down, select Tag.
    • From the Operator drop-down, select an option.
    • In the Value field, enter a value.
  1. Select Apply.

Overview of the Security State of Websites in a Group

To get an overview of the security state of all websites in a particular group, navigate to the Invicti Enterprise global dashboard and use the groups drop-down menu to select the group.

Once you select the group the Invicti Enterprise, the global dashboard is updated to reflect the security state of all the websites in the chosen group.

Not found what you're looking for?

Open a ticket and our technical support team will assist you quickly.

Open a ticket This will redirect you to the ticketing system.