Manage and prioritize vulnerabilities
The vulnerabilities page lists all vulnerabilities identified across your scans. By using the filtering and sorting options, you can quickly identify and prioritize vulnerabilities that require immediate attention. For information about managing vulnerabilities in a scan, refer to Reviewing scan results.
This document explains the information found on the Vulnerabilities page and how to use them for identifying and prioritizing vulnerabilities.
Information available on the Vulnerabilities page
This section below describes each of the available fields you can view on the vulnerabilities page. There are two types of view: by Type and by Vulnerability. Use the former to group all vulnerabilities by type, across all the target scans. Use the latter to see individually all vulnerabilities, across all the target scans.
View by Type
Vulnerability type
Shows the type of the vulnerability found. Click the arrow by the vulnerability type name to show all occurrences of the vulnerability across all scans and further details: file/URL, asset, source, status, confidence, last seen, first seen, and tags. For more information regarding the details, refer to the View by Vulnerability section.
Threat severity
Shows the severity level of the found vulnerability: critical, high, medium, low, or informational.
Source
Displays how the vulnerability was identified - either through DAST, SAST, SCA or Container Security scan results.
Occurrences
Displays the number of occurrences of each vulnerability time across all scans.
First seen
Lists the first date and time in which Invicti identified the vulnerability.
Last seen
Lists the last date and time in which Invicti identified the vulnerability.
View by Vulnerability
Vulnerability
The name of each vulnerability identified by Invicti Platform with icon showing severity level: critical, high, medium, low, or informational.
File/URL
The file or URL where the vulnerability was identified.
Target
Name of the target and environment type where the vulnerability was identified.
Source
Displays how the vulnerability was identified - either through DAST, SAST, SCA or Container Security scan results.
Status
The status of the vulnerability can be: Open, Fixed, Ignored, Rediscovered, or False Positive.
Confidence
Lists the confidence level, showing how certain Invicti Platform is of the vulnerability it identified. It can be 100, 95, or 80 percent.
Last seen
Lists the last date and time in which Invicti identified the vulnerability.
First seen
Lists the first date and time in which Invicti identified the vulnerability.
Tags
Lists the tags you assigned to the vulnerability.
Sort the data
You can sort the data alphabetically based on a particular column. For example, sorting the data by Vulnerability column puts the table in alphabetical or reverse alphabetical order based on the vulnerability name.
Filter vulnerabilities
As the number of detected vulnerabilities increases, managing and prioritizing vulnerabilities can become challenging. To simplify this process, vulnerabilities can be filtered based on various criteria such as CWE, threat, source, URL, occurences, status, vulnerabilities, confidence, assignee, tags, first seen, and last seen.
For more information on filtering in Invicti Platform, refer to the Filtering document. |
To help you focus on the most critical issues that require immediate attention, apply multiple filters to the list, such as displaying all critical severity vulnerabilities identified on a specific target that is still open.
- Click + Add a filter, then select an option from the displayed list.
- Select any related options to further filter vulnerabilities.
- Optionally, add more filters by clicking + button. For example, in the image below, the filters selected display vulnerabilities with critical or high severity, a confidence level of 100 percent, and an Open status.
