# User settings


This view will soon be replaced with an updated interface

# Change password

To change your password, do the following.

  • Under "Admin tools", click either "Service settings" or "Users"
  • In the administration panel to the left, click on "User settings"
  • Fill in your new password and your current one. Leave the "New password" field empty to not change
  • Click on the save button in the top right corner

Change password anim

# Change language

To change the language in the tool,

  • Go to the "User settings" view (see above)
  • Under the Language drop-down, you may select a prefered language, or chose by browser which sets the language according to your browser settings.
  • Click save in the top right corner

Change language

# Enable two factor authentication (2FA)

To enable 2FA, go to the "User settings" view (see above), and follow the instructions under the section "Two Factor Authentication".

# debAI

debAI is a personalized vulnerability score, based on your security preferences. Other metrics, such as the CVSS score, are the same for everyone, and are not adapted to user-specific needs. With debAI, you can get a score more adapted to your unique situation. By specifying your preferences, for example how you value confidentiality, integrity, and availability, you can affect the debAI score, and tune it to your needs. It can then be used as a tool in your prioritisation process when working with vulnerabilities inside the tool.

# Settings

You can configure the following settings inside the tool:

  • Confidentiality
  • Integrity
  • Availability
  • Exploitability
  • Privileges required
  • Attack vector

For the first five settings, you need to decide how important the aspect is on a scale from 0 to 10. If set to 0 this aspect will be completely ignored by debAI when prioritising vulnerabilities, and if set to 10, vulnerabilities with a confidentiality impact it will have a bigger effect on the resulting debAI score. The Attack vector works slightly differently. Instead, it defines if you wish to prioritise local/physical attacks, or network attacks. If you leave it at the default setting, they will be treated equally.

# Notifications


This feature is currently not working.

To enable notifications when the tool has discovered new vulnerabilities above a specified severity, do the following.

  • In the User settings view (see above), click on the Notifications tab
  • Enable or disable notifications by clicking the checkbox
  • Specify a minimum CVSS severity, above which notifications will be sent
  • Click save in the top right corner

Enable notifications