Content Library
Content Library
Section titled “Content Library”The Content Library provides a centralized repository of vulnerability knowledge and reusable finding templates. Use it to maintain consistency across assessments and accelerate finding documentation.
Overview
Section titled “Overview”The Content Library contains two main components:
- NEURO Library - Curated vulnerability database
- Custom Findings - Your organization’s templates
NEURO Library
Section titled “NEURO Library”The NEURO Library is a professionally curated database of common vulnerabilities with:
- Technical descriptions
- Impact statements
- Remediation guidance
- CVSS scoring
- References
Browsing the Library
Section titled “Browsing the Library”- Navigate to Content Library → NEURO Library
- Browse by category or search
- Click a vulnerability to view details
Categories
Section titled “Categories”| Category | Examples |
|---|---|
| Injection | SQL Injection, Command Injection, LDAP Injection |
| Authentication | Weak passwords, Missing MFA, Session issues |
| Access Control | IDOR, Privilege escalation, Missing authorization |
| Cryptography | Weak algorithms, Missing encryption, Certificate issues |
| Configuration | Default credentials, Verbose errors, Missing headers |
| Network | Open ports, Weak protocols, Missing segmentation |
| Web Application | XSS, CSRF, Security headers |
| Mobile | Insecure storage, Certificate pinning |
Search Features
Section titled “Search Features”Search the library by:
- Vulnerability name
- CVE ID
- CWE ID
- Keyword
- Severity level
Using Library Entries
Section titled “Using Library Entries”To use a library entry in your project:
- Find the vulnerability
- Click Use in Project
- Select target project
- Customize for your specific finding:
- Add evidence
- Specify affected assets
- Adjust severity if needed
- Add context-specific details
- Save as project finding
Custom Findings Library
Section titled “Custom Findings Library”Create reusable templates for vulnerabilities specific to your organization.
Benefits
Section titled “Benefits”- Consistency - Same quality across all assessments
- Speed - Start from templates, not blank
- Accuracy - Pre-validated technical content
- Compliance - Include required fields
Creating Custom Templates
Section titled “Creating Custom Templates”- Navigate to Content Library → Custom Findings
- Click + New Template
- Complete the template form:
Template Fields
Section titled “Template Fields”| Field | Description |
|---|---|
| Title | Template name |
| Category | Vulnerability category |
| Default Severity | Suggested severity |
| Description | Generic technical description |
| Impact | Standard impact statement |
| Remediation | Fix recommendations |
| References | Helpful links |
| Tags | Organizing tags |
- Click Save Template
AI-Assisted Templates
Section titled “AI-Assisted Templates”Use AI to generate template content:
- Click + New Template
- Enter the vulnerability title
- Click Generate with AI
- Review generated content:
- Technical description
- Impact
- Remediation
- References
- Edit as needed
- Save template
Managing Templates
Section titled “Managing Templates”Edit Template
Section titled “Edit Template”- Click on template
- Click Edit
- Modify fields
- Save changes
Clone Template
Section titled “Clone Template”- Click Clone
- Modify the copy
- Save as new template
Delete Template
Section titled “Delete Template”- Select template(s)
- Click Delete
- Confirm deletion
Template Organization
Section titled “Template Organization”Categories
Section titled “Categories”Organize templates by category:
- Web Application
- Network
- Mobile
- Cloud
- Physical
- Social Engineering
Add tags for filtering:
- OWASP Top 10
- CIS Controls
- PCI-DSS
- Quick Win
- Custom tags
Using Custom Templates
Section titled “Using Custom Templates”- Open a project’s Findings tab
- Click + New Finding → From Template
- Search or browse templates
- Select template
- Customize for your finding:
- Add specific evidence
- Link affected assets
- Adjust details
- Save finding
Template Best Practices
Section titled “Template Best Practices”Writing Effective Descriptions
Section titled “Writing Effective Descriptions”Do:
- Use clear, technical language
- Explain the vulnerability mechanism
- Include generic examples
- Reference standards (OWASP, CWE)
Don’t:
- Include client-specific details
- Reference specific tools/versions
- Use overly complex jargon
- Leave placeholders in final version
Remediation Guidance
Section titled “Remediation Guidance”Structure remediations clearly:
### Short-term- Immediate mitigation steps
### Long-term- Permanent fix recommendations
### Verification- How to confirm the fix workedSeverity Guidelines
Section titled “Severity Guidelines”Set appropriate default severities:
| Severity | When to Use |
|---|---|
| Critical | Direct RCE, Auth bypass, Data breach |
| High | Significant data access, Privilege escalation |
| Medium | Limited data exposure, Requires conditions |
| Low | Minimal impact, Difficult to exploit |
| Info | Best practice, Hardening recommendation |
Importing Templates
Section titled “Importing Templates”CSV Import
Section titled “CSV Import”- Click Import → CSV
- Download template CSV
- Fill in your templates
- Upload and map fields
- Import templates
From Other Projects
Section titled “From Other Projects”Copy findings as templates:
- Open a project finding
- Click Save as Template
- Edit template details
- Save to library
Exporting Templates
Section titled “Exporting Templates”Export to CSV
Section titled “Export to CSV”- Select templates
- Click Export → CSV
- Download file
Share Templates
Section titled “Share Templates”Export templates for team sharing:
- Select templates
- Click Export → Package
- Share the file
- Others can import the package
Library Statistics
Section titled “Library Statistics”View usage statistics:
- Most used templates
- Recently created
- Template by category
- Usage trends
Access via Content Library → Statistics
Next: Learn about the Project Tracker