# Vulnerability Custom Fields

Custom fields allow you to attach organization-specific metadata to vulnerabilities. Use them to track risk dimensions, compliance mappings, or internal classification data that is not captured by standard vulnerability attributes.

{% hint style="info" %}
Custom fields are available on paid tiers. Free-tier organizations do not have access to this feature.
{% endhint %}

***

## Creating Custom Fields

### Step-by-Step

1. Navigate to **Settings > Organization > Custom Fields**.
2. Click **Add Fields**.
3. Fill in the following:

| Field             | Description                                                                          | Required    |
| ----------------- | ------------------------------------------------------------------------------------ | ----------- |
| **Display Name**  | Human-readable name shown in the UI                                                  | Yes         |
| **Internal Name** | Machine-readable identifier used in policies and API calls (unique per organization) | Yes         |
| **Field Type**    | `TEXT` or `RANGE`                                                                    | Yes         |
| **Min Value**     | Minimum allowed value (RANGE type only, max 100)                                     | Conditional |
| **Max Value**     | Maximum allowed value (RANGE type only, max 100)                                     | Conditional |

4. Click **Save**.

{% hint style="info" %}
The field type cannot be changed after creation. To change the type, delete the field and create a new one.
{% endhint %}

### Limits

* Maximum of **2 custom fields** per organization (one TEXT, one RANGE).

***

## Field Types Supported

| Type      | Description                          | Validation                                                               | Example Use                                     |
| --------- | ------------------------------------ | ------------------------------------------------------------------------ | ----------------------------------------------- |
| **TEXT**  | Freeform text value                  | No constraints                                                           | Risk region, business unit, compliance tag      |
| **RANGE** | Numeric value within a defined range | Must be between `min_value` and `max_value`; max value cannot exceed 100 | Risk score, impact rating, exploitability index |

### RANGE Field Constraints

* `min_value` must be less than `max_value`.
* `min_value` and `max_value` cannot be equal.
* Maximum value is capped at 100.

***

## Usage in Dashboards

Custom field values are displayed on vulnerability detail views. Once a custom field is defined, it appears as an additional column or attribute when viewing vulnerability data for any SBOM in the organization.

***

## Usage in Ticket Sync

Custom field values can flow into Jira tickets when the Jira integration is configured. If a custom field maps to a Jira custom field, its value is included in ticket creation and synchronization.

***

## Usage in Policies

Custom fields can be used as **policy rule subjects**, enabling policy-based automation and enforcement.

### Policy Rule Subjects

| Subject Pattern                         | Field Type         | Operators                              |
| --------------------------------------- | ------------------ | -------------------------------------- |
| `VULN_CUSTOM_FIELD_{INTERNAL_NAME}`     | TEXT               | `IS`, `IS_NOT`, `EXISTS`, `NOT_EXISTS` |
| `VULN_CUSTOM_FIELD_{INTERNAL_NAME}`     | RANGE              | `LESS_THAN`, `MORE_THAN`, `RANGE`      |
| `VULN_CUSTOM_FIELD_{INTERNAL_NAME}_AGE` | TEXT (age-tracked) | `LESS_THAN`, `MORE_THAN`, `RANGE`      |

**Example policy rule:**

> Fail if `VULN_CUSTOM_FIELD_risk_score` is `MORE_THAN` 80.

This creates a policy that flags vulnerabilities with a custom risk score above 80.

{% hint style="info" %}
Age tracking (the `_AGE` suffix) is currently supported only for the `risk_region` internal name. This creates a virtual field that tracks how long a vulnerability has had a specific value.
{% endhint %}

***

## Compliance Mapping

Custom fields can be used to map vulnerabilities to internal compliance categories:

* **Risk classification**: Use a TEXT field (e.g., `risk_region`) to tag vulnerabilities by geographic or regulatory scope.
* **Impact scoring**: Use a RANGE field (e.g., `impact_rating`) to assign a numeric impact score aligned with your compliance framework.
* **Audit evidence**: Custom field values are included in exports and can serve as evidence for compliance audits.

***

## Best Practices for Standardization

* **Use consistent internal names**: Choose descriptive, lowercase, underscore-separated names (e.g., `risk_region`, `impact_score`). These names are used in policy rules and cannot be changed after creation.
* **Document your fields**: Maintain internal documentation of what each custom field represents, who is responsible for populating it, and how it maps to compliance or risk frameworks.
* **Populate fields consistently**: Incomplete data reduces the value of custom fields in dashboards and policies. Establish a process for populating fields during vulnerability triage.
* **Use RANGE fields for quantitative risk**: Numeric ranges integrate cleanly with policy rules (threshold-based enforcement) and provide sortable/filterable data in dashboards.
* **Plan before creating**: With a limit of 2 custom fields, choose carefully. Prioritize fields that support your most critical compliance or risk management workflows.

***

## Common Misconfigurations

| Issue                                               | Symptom                                                       | Fix                                                                               |
| --------------------------------------------------- | ------------------------------------------------------------- | --------------------------------------------------------------------------------- |
| Internal name contains spaces or special characters | Policy rule references fail                                   | Use lowercase letters, numbers, and underscores only                              |
| Min and max values are equal (RANGE)                | Validation error on save                                      | Set distinct min and max values                                                   |
| Field type set incorrectly                          | Cannot use numeric operators on TEXT field                    | Delete and recreate the field with the correct type                               |
| Both fields used, need a third                      | "Add Fields" button disabled                                  | Evaluate whether an existing field can be repurposed                              |
| Field deleted while referenced in policies          | Policy rules referencing the field may not evaluate correctly | Update or remove policy rules that reference the deleted field before deleting it |
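
A pre-flight lint for the constraints, operator table and misconfigurations documented on this page, as an added example that is not Interlynk's code or API. The dict layout, function names and sample values are assumptions made for illustration.

```python
import re

# Operators per subject kind, from the "Policy Rule Subjects" table on this page.
OPERATORS = {
    "TEXT": {"IS", "IS_NOT", "EXISTS", "NOT_EXISTS"},
    "RANGE": {"LESS_THAN", "MORE_THAN", "RANGE"},
    "AGE": {"LESS_THAN", "MORE_THAN", "RANGE"},
}
PREFIX = "VULN_CUSTOM_FIELD_"

def lint_fields(fields):
    """Check field definitions (hypothetical dict layout) against the documented limits."""
    problems = []
    types = [f["type"] for f in fields]
    if len(fields) > 2 or len(set(types)) != len(types):
        problems.append("limit is 2 custom fields: one TEXT, one RANGE")
    for f in fields:
        name = f["internal_name"]
        if not re.fullmatch(r"[a-z0-9_]+", name):
            problems.append(f"{name}: use lowercase letters, numbers and underscores only")
        if f["type"] == "RANGE":
            if not f["min_value"] < f["max_value"]:
                problems.append(f"{name}: min_value must be less than max_value")
            if f["max_value"] > 100:
                problems.append(f"{name}: max_value cannot exceed 100")
    return problems

def lint_rule(subject, operator, fields):
    """Return a problem string for one policy rule, or None if it is consistent."""
    by_name = {f["internal_name"]: f["type"] for f in fields}
    if not subject.startswith(PREFIX):
        return f"{subject}: not a custom-field subject"
    name = subject[len(PREFIX):]
    kind = by_name.get(name)
    if kind is None and name.endswith("_AGE"):
        if name != "risk_region_AGE":
            return f"{subject}: _AGE is supported only for risk_region"
        if by_name.get("risk_region") == "TEXT":
            kind = "AGE"
    if kind is None:
        return f"{subject}: no matching field is defined (deleted, misspelled or wrong type)"
    if operator not in OPERATORS[kind]:
        return f"{subject}: {operator} is not valid for a {kind} subject"
    return None

# Constructed sample data, not taken from a real organization.
FIELDS = [
    {"internal_name": "risk_region", "type": "TEXT"},
    {"internal_name": "risk_score", "type": "RANGE", "min_value": 0, "max_value": 100},
]
```

Running `lint_rule` over your policy rules with a field left out of `fields` shows which rules would stop resolving before you delete that field.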

