Filter Vulnerabilities
Filtering helps you find vulnerabilities based on your criteria. In addition to creating and saving unique filters, we provided several quick filters based on vulnerability statuses and the New filter that shows the number of vulnerabilities found in the most recent scan.
What's a vulnerability?
Vulnerabilities are aspects of your app that can make it susceptible to attackers. Within each organization, app, and scan-level vulnerability you can view information about the vulnerability and replay the attack so that you can learn how to remediate it and improve the security of your application. You can leave comments on vulnerabilities to help you and others better understand and remediate the vulnerability.
What do the vulnerability statuses mean?
Vulnerability statuses are automatically labeled Unreviewed when first discovered. After reviewing the vulnerability details, you can manually change the status to reflect the vulnerability status.
The following statuses help you sort and prioritize your scan results:
| Status | When is it used? |
|---|---|
| Unreviewed | All vulnerabilities found by a scan that need to be reviewed. This is your starting point when reviewing scan results. |
| New | Newly discovered vulnerabilities that were not found in previous scans. These vulnerabilities are marked Unreviewed and are flagged as New until reviewed or found in a subsequent scan. |
| Ignored | Vulnerabilities that were identified as potentially harmful, but users reviewed and marked Ignored after. You may want to replay the attack or otherwise verify that the Ignored vulnerabilities do not pose a threat. |
| False Positive | Vulnerabilities that users flagged as having been incorrectly found by the InsightAppSec. Users can change the status of False Positive vulnerabilities during the investigation process. This status does not change in subsequent scans. |
| Verified | Vulnerabilities that users investigated and determined to have legitimate risk. Users change the status to Verified to show that it needs to be remediated. |
| Remediated | Vulnerabilities that were identified, investigated, and fixed. Users and validation scans can change the status to Remediated. If an issue is rediscovered in a subsequent scan, the status reverts back to Unreviewed. |
| Duplicate | Vulnerabilities that users determined share a similar source and can be tracked in a similar vulnerability. This status does not change in subsequent scans. |
I want to:
Review the most critical issues
You can get the short list of the highest priority vulnerabilities in your app by filtering by severity and review the highest severity and CVSS score.
To further refine your list, sort by Discovery History to see the most recently discovered and sort by status to see Unreviewed vulnerabilities.
Why are there two severity scores?
The benefit of two scores is that you can compare the score in InsightAppSec to the CVSS score. You can edit the Severity score of Info, Low, Medium, and High that is generated by InsightAppSec, but not the CVSS score generated by the CVSS 3.1 calculator. The CVSS score may show a different severity level than the Severity score due to scan configuration or user adjustment during verification. For example, a user reviews a vulnerability with high CVSS and Severity scores and determines that because the app is isolated, the risk is actually low.
For significant severity score differences, review the vulnerability history and details to verify the correct level.
See the newest findings
In the vulnerabilities list for the app or scan, click New. If none are listed, review the most recently discovered vulnerabilities using the Last Discovered field.
Search and filter by custom criteria
Use search filters to choose the attributes of the assets you want to find. The more filters you add, the more refined your results are. To see only the vulnerabilities that meet all of the filter criteria, combine filters using the AND operator. Use the OR operator to show all vulnerabilities that meet any of the filter criteria.
Which operators can I use?
- = (equals)
- != (does not equal)
- contains
- does not contain
- starts with
- ends with
- Like (regular expression)
- is null
- is not null
A circle on the left side of the filters indicates whether the expression in the field is allowed. If the circle is red in color, the filter is incomplete or incorrect.
Create and save a filter
You can filter vulnerabilities within an organization on the Vulnerabilities page, vulnerabilities in a specific app on the Vulnerabilities tab, and vulnerabilities in a scan on the Scans tab.
- Go to the Vulnerabilities page, tab, or Scans tab where the vulnerabilities you want to filter are.
- In the search query bar, enter the expression for the filter.
- Click Apply to view search results.
- Click Save to be able to reuse the filter.
Filter: Vulnerabilities Found During Mapping
To view any vulnerabilities found during the updated vulnerability mapping process, copy the following query into the query bar and update with your criteria.
vulnerability.discoveries.discovered BETWEEN 6/23/2020 AND 6/24/2020 AND vulnerability.status = “Unreviewed”