Monitoring

Monitoring is AISafe's continuous security validation capability. Once you enable it on a Project, AISafe re-validates existing finding proof-of-concepts and alerts you when a fix regresses or an area that was safe becomes vulnerable.

How it works

  1. You configure monitoring checks on a project, specifying which findings to monitor and on what cadence.
  2. AISafe re-tests finding proof-of-concepts against the current state of the target.
  3. If a vulnerability you fixed is exploitable again, AISafe raises a regression event.
  4. Regression events fire monitoring.regression webhooks so your team can respond.

Regressions

A regression occurs when a vulnerability marked fixed is exploitable again. This can happen when:

  • A subsequent code change reverts or circumvents the fix
  • A dependency update reintroduces a patched vulnerability
  • An infrastructure change exposes a mitigated attack vector

Monitoring catches these regressions, so you do not have to wait for the next scheduled scan or a real attacker to discover them.

Setup

To enable monitoring:

  1. Create a Project bound to your repository or target.
  2. Configure monitoring checks on the project, selecting which findings to monitor.
  3. Set up webhook subscriptions for monitoring.regression events to get alerted.

See Guide: Monitor for regressions for a step-by-step walkthrough.