Archive and Deletion

CVEScan Web provides two distinct mechanisms for managing entities that are no longer needed: archiving and deletion. Understanding the difference between these features is crucial for maintaining data integrity and audit trails.

Key Distinction:

  • Archive is only available for components and projects.
  • Delete is available for all entities (users, vaults, projects, components, scans, annotations etc.).

Archive Feature

What is Archiving?

Archiving is a reversible action that de-emphasizes entities in the interface while preserving all data and relationships. When you archive an entity, it becomes unusable in normal operations but remains accessible for audit purposes and can be restored at any time.

Effects of Archiving

Projects

  • Reversible: Can be unarchived at any time.
  • Cascading: When a project is archived, all its components get automatically archived.
  • Protection: Archived projects cannot be deleted.
  • Restoration: Unarchiving a project will also unarchive all its components.

Components

  • Reversible: Can be unarchived at any time.
  • Restrictions: Once archived, you cannot:
    • Import new scans.
    • Delete scans.
    • Manage annotations.
  • Protection: Archived components cannot be deleted.

When to Use Archive

Use archiving when you want to:

  • De-emphasize entities that are no longer actively used.
  • Maintain data for audit and compliance purposes.
  • Temporarily remove entities from the main workflow.

Deletion Feature

What is Deletion?

Deletion is a permanent and irreversible action that completely removes entities and all associated data from the system. This action cannot be undone.

Exception

Annotations use soft delete. They are marked as deleted but preserved for audit trails, enabling the time travel feature for historical review.

When Deletion is Available

Deletion is available for mistake correction and has strict limitations:

✅ Deletion is allowed when:

  • The entity was created by mistake (wrong name, wrong location, etc.).
  • No work has been performed on the entity (no annotations).
  • The entity is not archived.
  • The entity has never been referenced in any annotation.

❌ Deletion is NOT allowed when:

  • Any work has been performed on the entity.
  • The entity has annotations or has been referenced in annotations.
  • The entity is archived.

Why We Restrict Deletion

The Core Principle: Audit Trail Preservation.CVEScan is designed for security auditing and compliance. We have chosen to forbid deletion of entities that have been referenced in annotations to maintain complete traceability for audit purposes. This ensures:

  • Data integrity: All security assessments, decisions, and actions are fully preserved, ensuring no gaps in the security assessment timeline.
  • Complete audit trails: Maintains the historical record required by many security frameworks, so you can always review what was found and when.

Summary

| Feature | Available For | Reversible | Data Preserved | Use Case | | ----------- | -------------------- | ---------- | -------------- | ----------------------------------------------------- | | Archive | Components, Projects | ✅ Yes | ✅ Yes | De-emphasize inactive entities, maintain audit trails | | Delete | All entities | ❌ No | ❌ No | Remove entities created by mistake (before any work) |

Key Takeaways

  • Archiving preserves data for audit purposes and is reversible.
  • Deletion permanently removes data and is irreversible.
  • Use deletion only for entities created by mistake before any work has been performed.
  • Annotations use soft delete for audit purposes.