Monitor for regressions
Set up monitoring on a project to catch security regressions: cases where a vulnerability that was fixed becomes exploitable again.
Prerequisites
- An AISafe account with the manager role or higher
- A Project created for the repository or target
- At least one completed assessment with findings on the project
What is a regression?
A regression occurs when a vulnerability marked fixed becomes exploitable again. This can happen when:
- A fix is reverted or circumvented by a later code change
- A dependency update reintroduces a vulnerability that an earlier release had patched
- An infrastructure change re-exposes an attack vector that an earlier change had mitigated
Monitoring catches these cases, so you do not have to wait for the next scheduled scan, or for a real attacker, to discover them.
Step 1: Open the project
- Navigate to Projects in the AISafe dashboard.
- Open the project you want to monitor.
Step 2: Enable monitoring
- Go to the Monitoring tab or settings section.
- Toggle Enable monitoring.
- Configure monitoring checks:
  - Select which findings to monitor (for example, all critical and high findings)
  - Set the check cadence: how often AISafe re-runs each finding's proof of concept (PoC) to confirm the fix still holds. A shorter cadence catches regressions sooner at the cost of more frequent checks against the target.
- Save the configuration.
Step 3: Set up regression alerts
To receive a notification when AISafe detects a regression:
- Configure a webhook subscription for the monitoring.regression event.
- Or connect Slack and enable monitoring regression notifications.
After AISafe detects a regression, it:
- Raises a monitoring.regression event.
- Fires all matching webhook subscriptions.
- Posts a Slack notification (if configured).
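The following is an added example of a receiver for the webhook subscription described above; it is not part of this page and not AISafe's own code. The event name monitoring.regression is the one the page uses. The payload field names, the X-AISafe-Signature header and the HMAC-SHA256 signing scheme are assumptions made for illustration, so check them against the Webhooks API reference before relying on them. The receiver rejects unsigned or tampered deliveries, ignores events of other types, and dedupes retried deliveries so one regression does not page twice.

```python
"""Receiver for monitoring.regression webhook events.

Added example, not AISafe's own code. Event name from the page; field names,
signature header and HMAC scheme are ASSUMPTIONS for illustration.
"""
import hashlib
import hmac
import json
from typing import Optional

EVENT_TYPE = "monitoring.regression"      # event name from the page
SIGNATURE_HEADER = "X-AISafe-Signature"   # ASSUMED header name
ALERT_SEVERITIES = {"critical", "high"}   # mirrors the Step 2 selection


def sign(body: bytes, secret: bytes) -> str:
    """ASSUMED scheme: hex(HMAC-SHA256(secret, raw request body))."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signature(body: bytes, headers: dict, secret: bytes) -> bool:
    """Accept only deliveries signed with the shared secret.

    compare_digest is constant-time, so an attacker cannot learn a valid
    signature byte by byte from response timing."""
    presented = headers.get(SIGNATURE_HEADER, "")
    return hmac.compare_digest(sign(body, secret), presented)


def parse_regression(body: bytes) -> Optional[dict]:
    """Return regression details, or None if the event is not a regression
    or lacks the fields we need. Field names are ASSUMED."""
    try:
        event = json.loads(body)
    except ValueError:
        return None
    if event.get("type") != EVENT_TYPE:
        return None
    finding = event.get("finding") or {}
    try:
        return {
            "project_id": str(event["project_id"]),
            "finding_id": str(finding["id"]),
            "severity": str(finding["severity"]).lower(),
            "title": str(finding.get("title", "")),
        }
    except KeyError:
        return None


class RegressionReceiver:
    """Stateful handler returning one outcome string per delivery.

    Webhook deliveries are commonly retried, so the same regression can arrive
    more than once; dedupe on (project, finding) so a retry does not page twice."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._seen: set = set()
        self.paged: list = []   # what an on-call integration would receive

    def handle(self, body: bytes, headers: dict) -> str:
        if not verify_signature(body, headers, self._secret):
            return "rejected"          # unauthenticated: never act on it
        reg = parse_regression(body)
        if reg is None:
            return "ignored"           # not a regression event, or malformed
        key = (reg["project_id"], reg["finding_id"])
        if key in self._seen:
            return "duplicate"         # retried delivery
        self._seen.add(key)
        if reg["severity"] in ALERT_SEVERITIES:
            self.paged.append(reg)
            return "alerted"
        return "logged"


# Constructed sample event; the shape is an assumption, not AISafe's schema.
SAMPLE_SECRET = b"constructed-shared-secret"
SAMPLE_EVENT = {
    "type": EVENT_TYPE,
    "project_id": "proj-123",
    "finding": {"id": "f-42", "severity": "High", "title": "constructed example finding"},
}
SAMPLE_BODY = json.dumps(SAMPLE_EVENT).encode()
OTHER_BODY = json.dumps({"type": "scan.completed"}).encode()  # ASSUMED other event type


def demo() -> list:
    """Push four deliveries through one receiver and return their outcomes."""
    rx = RegressionReceiver(SAMPLE_SECRET)
    good = {SIGNATURE_HEADER: sign(SAMPLE_BODY, SAMPLE_SECRET)}
    return [
        rx.handle(SAMPLE_BODY, good),                                   # first delivery
        rx.handle(SAMPLE_BODY, good),                                   # retry of the same event
        rx.handle(SAMPLE_BODY + b" ", good),                            # body tampered, signature stale
        rx.handle(OTHER_BODY, {SIGNATURE_HEADER: sign(OTHER_BODY, SAMPLE_SECRET)}),
    ]


if __name__ == "__main__":
    print(demo())  # ['alerted', 'duplicate', 'rejected', 'ignored']
```

The receiver verifies the signature over the raw bytes before parsing JSON, because a parser running on unauthenticated input is itself attack surface. Whatever scheme AISafe actually uses, keep that order: authenticate first, then parse, then act.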
Step 4: Respond to regressions
After you receive a regression alert:
- Open the finding in AISafe to see the regression details.
- The finding's status reverts to open (or AISafe creates a new finding, depending on configuration).
- Investigate the cause: check recent code changes, dependency updates, or infrastructure changes.
- Fix the regression and verify the fix, for example by re-running the finding's PoC rather than waiting for the next monitoring check.
Next steps
- Features: Monitoring: understand the capability in depth
- Set up scheduled scans: complement monitoring with regular full scans
- API: Webhooks: configure webhook subscriptions for regression events