Multi-Scanner Deduplication
Connect multiple scanners and let Basirah deduplicate findings automatically.
Running multiple scanners gives you broader coverage, but creates overlap. Basirah deduplicates automatically so you don’t end up with duplicate work items for the same vulnerability.
Connect your scanners
Add each scanner as a separate integration. Basirah supports connecting multiple scanners of the same or different types. See the integration docs for scanner-specific configuration.
Run initial syncs
Trigger syncs for each scanner. As findings are imported, Basirah normalizes them into a common format and groups findings that describe the same vulnerability on the same asset into canonical groups.
Review deduplicated findings
Browse your findings list. When multiple scanners report the same vulnerability on the same asset, you’ll see them grouped together. Each scanner’s record is preserved for traceability, but the remediation workflow treats the group as a single unit.
Create work items against canonical groups
When you create a work item from a deduplicated finding, all linked scanner records track its progress. When verification confirms the fix, every linked record updates together.
Deduplication happens automatically during ingestion based on vulnerability identifiers and affected assets. You don’t need to configure matching rules.