Support
Types of Reports

Trend Matrix Report

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

The Trend Matrix Report provides correlated, trending data about the status of vulnerabilities identified in a target across several scans and enables you to easily track changes in the web application. Invicti Enterprise automatically begins to collate the Trend Matrix Report when you run more than one scan on the same target web application.

This document provides an explanation of the information available in the Trend Matrix Report and instructions for viewing the Trend Matrix Report. 

Overview

The Trend Matrix Report is displayed in the browser and provides:

  • An overview of the evolving threats to your target.
  • Information about the detected vulnerabilities, such as when they were found, when they were fixed, and whether the same vulnerability was found again in subsequent scans.
  • A chronological list of scans to help you monitor the changes in your web application over time and track the progress and work of your developers.
  • Access to detailed technical information for all detected vulnerabilities.

The table below provides an explanation of each column in the Trend Matrix Report.

Column

Description

Severity

This shows the importance level of the identified vulnerability.

For more information, refer to Vulnerability Severity Levels.

Address

This shows the URL of the identified vulnerability.

Parameter

This is the variable that was used to identify the vulnerability.

Method

This is the HTTP method of the request that Invicti Enterprise sent the payload. It demonstrates what Invicti Enterprise deployed in order to identify the vulnerability.

Issue

This is the name of the vulnerability identified by Invicti Enterprise.

Date and Time

This shows when each scan was run.

Each identified vulnerability is labeled according to the following options:

  • New: This indicates that the issue has been identified for the first time.
  • Not Found: This indicates Invicti Enterprise did not found this vulnerability in that scan.
  • Not Fixed: This indicates the vulnerability has not been fixed.
  • Fixed: This indicates the vulnerability has been fixed.
  • Revived: This indicates that the vulnerability was fixed in previous scans but it has appeared again in that scan.

Filtering

Using the Severity Filter, you can select to view only critical or high severity issues, for example. You can also filter the Trend Matrix Report via the scan group drop-down to view the report based on a particular scan group. To filter, there should be more than one scan group. For more information, refer to Scan Groups in Invicti Enterprise.

How to view the Trend Matrix Report in Invicti Enterprise

  1. Select Scans > Recent Scans from the left-side menu.

  1. In the Target column, click the target name for the relevant scan to open the Targets Dashboard.

  1. Click Trend Matrix Report. The Trend Matrix Report for this website is displayed.

NOTE: If a target was only scanned once, the Trend Matrix Report will not be available.