Manage and prioritize vulnerabilities

This document is for:
Invicti Platform

The vulnerabilities page lists all vulnerabilities identified across your scans. By using the filtering and sorting options, you can quickly identify and prioritize vulnerabilities that require immediate attention. For information about managing vulnerabilities in a scan, refer to Reviewing scan results.

This document explains the information shown on the Vulnerabilities page and how to use it to identify and prioritize vulnerabilities.

Information available on the Vulnerabilities page

This section describes each of the fields you can view on the Vulnerabilities page. There are two views: by Type and by Vulnerability. Use the former to group all vulnerabilities by type, across all the target scans. Use the latter to see every vulnerability individually, across all the target scans.

View by Type

Vulnerability type

Shows the type of the vulnerability found. Click the arrow by the vulnerability type name to show all occurrences of the vulnerability across all scans and further details: file/URL, asset, source, status, confidence, last seen, first seen, and tags. For more information regarding the details, refer to the View by Vulnerability section.

Threat severity

Shows the severity level of the found vulnerability: critical, high, medium, low, or informational.

Source

Displays how the vulnerability was identified: through DAST, SAST, SCA, or Container Security scan results.

Occurrences

Displays the number of occurrences of each vulnerability type across all scans.

First seen

Lists the first date and time at which Invicti identified the vulnerability.

Last seen

Lists the last date and time at which Invicti identified the vulnerability.

View by Vulnerability

Vulnerability

The name of each vulnerability identified by Invicti Platform, with an icon showing its severity level: critical, high, medium, low, or informational.

File/URL

The file or URL where the vulnerability was identified.

Target

Name of the target and environment type where the vulnerability was identified.

Source

Displays how the vulnerability was identified: through DAST, SAST, SCA, or Container Security scan results.

Status

The status of the vulnerability can be: Open, Fixed, Ignored, Rediscovered, or False Positive.

Confidence

Lists the confidence level, showing how certain Invicti Platform is about the vulnerability it identified. It can be 100, 95, or 80 percent.

Last seen

Lists the last date and time at which Invicti identified the vulnerability.

First seen

Lists the first date and time at which Invicti identified the vulnerability.

Tags

Lists the tags you assigned to the vulnerability.

Sort the data

You can sort the data alphabetically based on a particular column. For example, sorting the data by the Vulnerability column puts the table in alphabetical or reverse alphabetical order based on the vulnerability name.

Filter vulnerabilities

As the number of detected vulnerabilities increases, managing and prioritizing them can become challenging. To simplify this process, vulnerabilities can be filtered based on various criteria such as CWE, threat, source, URL, occurrences, status, vulnerabilities, confidence, assignee, tags, first seen, and last seen.

For more information on filtering in Invicti Platform, refer to the Filtering document.

To help you focus on the most critical issues that require immediate attention, apply multiple filters to the list, such as displaying all critical severity vulnerabilities identified on a specific target that are still open.

  1. Click + Add a filter, then select an option from the displayed list.

  2. Select any related options to further filter vulnerabilities.

  3. Optionally, add more filters by clicking the + button. For example, you can select filters that display vulnerabilities with critical or high severity, a confidence level of 100 percent, and an Open status.
