What are Target Groups?
Target Groups in Invicti Enterprise enable you to manage many web assets more easily. You can create different target groups to differentiate web assets, such as production or staging target groups. This article explains some of the benefits and use cases for target groups.
Benefits of using target groups
By grouping targets, you can:
- Scan all targets in a group simultaneously, using the same scan policy
- Get an overview of the security state of all targets in that group
- Filter the list of targets by group
- Assign permissions to team members by group (For more information, refer to Managing Teams in Invicti Enterprise).
Use cases for target groups
You can group targets depending on their location, state, or importance. Here are three practical examples:
- Staging vs live environments
- Location of targets
- Technology
Example 1: Staging vs live environments
You can use Invicti Enterprise to scan web applications during the different stages of development and once they are live. Since you probably use different scan policies, you can group all the staging and live targets in different groups. This enables you to scan all live web applications simultaneously using a specific scan policy or scan all the targets on the staging server using another scan policy.
Example 2: Location of targets
Because there are many differences between US and EU laws, it is common to have US and EU based targets running under different configurations. And since you have to use different scan policies, you can use target groups to scan all the targets in a specific location.
Example 3: Technology
If you group targets by technology, such as PHP, once a specific PHP vulnerability is announced, you can easily run scans on all the targets built with PHP by scanning that target group.
Multiple and default target groups
Targets can be included in more than one target group, for example:
- Company website (Target groups: US and critical)
- Staging company website (Target groups: US, staging, and non-critical)
- Europe Employees Online Portal (Target groups: EMEA and critical)
Default target group
Invicti Enterprise has a built-in target group called Default. This group cannot be deleted, and unless you specify otherwise, new targets you create will be automatically added to the Default group.
Security state of a target group
To get an overview of the security state of all web applications in a particular target group, navigate to the Invicti Enterprise global dashboard and use the website group drop-down menu to select the target group. Once you select the target group, the global dashboard is updated to reflect the security state of all the web applications in the selected target group.
Further information
For more information about target groups, refer to: