Viewing Issues in Invicti Enterprise
The Issues window displays lists of vulnerabilities detected in scans run by your entire team. You can get an overview of Issues that have been assigned to you, those that are awaiting a Retest, and those that are Addressed.
- Administrators and project managers benefit from an overview of all Issues, including the current State of each Issue and to whom it has been assigned.
- You can send any issue to an issue tracking system that you integrated with Invicti.
- You can see details of the HTTP Request and Response of an Issue.
- You can update an issue details, such as Fixed(Unconfirmed) and Accepted Risk.
For further information, see Managing Issues in Invicti Enterprise.
You can also view issues using the Issues API Endpoints, enabling you to easily integrate with other applications or internal systems.
Issues lists
This table lists and explains the lists available from the submenus in the Issues window.
List |
Description |
To Do |
This window displays a list of all the Issues that have been assigned to you. You can take action by fixing them, assigning them to someone else or changing their status.
|
Waiting for Retest |
This window displays a list of all Issues whose State has been updated to Fixed (Unconfirmed). They are waiting to be tested automatically by Invicti Enterprise. |
Addressed Issues |
This window displays a list of all the Issues that have been addressed and whose State has been updated to one of the following:
Users with Manage Issues (Restricted) permission can only mark an Issue’s state as ‘Fixed (Confirmed)’. |
All Issues |
This window displays a list of all Issues detected in scans run by your entire team. The entire team can view all Issues in a scan report, even if they only have the Manage Issues (Restricted) permission. |
Issues page fields
This table lists and explains the fields listed on the Issues page’s columns and on an individual Issue page.
Field |
Description |
Title/Issue |
This is the name of the vulnerability, such as Internal Server Error. Some issues are grouped, meaning they are reported only once per website. This help text is displayed in the Details window. |
Severity |
This is the vulnerability severity level. The options are:
For further information, see Vulnerability Severity Levels. |
Website Group/ |
This is the name of the scanned website. |
URL/ |
This is either the website address of the scanned website or the URL of the detected issue. |
First Seen |
This is the date and time the issue was first detected. |
Last Seen |
This is when the issue was most recently detected. |
Tags |
This is the label given to an issue to group and/or give additional context. For further information, see Tagging issues in Invicti Enterprise. |
Assignee |
This is the name of the person who has been assigned the task. It may be:
|
Retestable |
This indicates whether the issue can be retested. For further information, see Managing Issues. |
Status |
This indicates the current status of the issue. All Issues are initially marked as Present.
For further information, see Addressed Issues and Issue Lifecycle. |
Viewing issues in Invicti Enterprise
How to view all issues in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, select Issues > All Issues.
For further information, see Issues Lists.
How to view issues assigned to you in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, select Issues > To Do.
This page displays a list of all the issues that have been assigned to you.
For further information, see Issues Lists.
To export issue(s) to an issue tracking system, see Exporting a Vulnerability to an Issue Tracking System. Updating an issue? See Updating the Status of an Issue in Invicti Enterprise.
Filtering issues
Column Filters
All columns can be filtered, using a highly customizable combination of Fields, Operators, and Values. Each is explained below. This is useful for teams that manage the security of many websites.
Filters & Values
This table lists the filters and values available for the columns listed above. Select an option to filter the list by that criterion.
- In many cases, values can be entered into the value field; in others, the value can be selected from a drop-down menu.
- You can enter more than one filter at a time.
Field |
Description |
Value |
Title |
Select to filter issues by their title. |
Enter a value. |
Severity |
Select to filter issues by severity. |
The drop-down options are:
|
Website Group |
Select to filter issues by the website group. |
Enter a value. |
Website |
Select to filter issues by the website. |
Enter a value. |
First Seen |
Select to filter issues by the first seen date. |
Select a date. |
Last Seen |
Select to filter issues by the last seen date. |
Select a date. |
Tags |
Select to filter issues by tags. |
Enter a value. |
Assignee |
Select to filter issues by the assignee. |
Enter a value. |
Retestable |
Select to filter issues by testability. |
The drop-down options are:
|
Status |
Select to filter issues by their status. |
The drop-down options are:
|
State |
Select to filter issues by their state. |
The drop-down options are:
|
Opened By |
Select to filter issues by their opened date. |
Select a date. |
Addressed |
Select to filter issues by their state which indicates |
The drop-down options are:
|
Operator
This table lists and explains the Operators available for filtering columns. They work in conjunction with the Field, Operator, and Value.
Operator |
Description |
Equal |
This operator can be used for exact matching. |
Not Equal |
This operator can be used to exclude some results based on exactly matching. |
Contains |
This operator can be used to include results if the filtered column contains the value. |
Not Contains |
This operator can be used to exclude certain results. |
Starts with |
This operator can be used to filter for columns that begin with the value. |
Ends with |
This operator can be used to filter for columns that end with the value. |
Less than |
This operator can be used to filter columns that contain numeric and date-time values rather than string values. |
Less than or equal |
This operator can be used to filter columns that contain numeric and date-time values rather than string values. |
Greater than or equal |
This operator can be used to filter columns that contain numeric and date-time values rather than string values. |
Greater than |
This operator can be used to filter columns that contain numeric and date-time values rather than string values. |
How to filter issues in Invicti Enterprise
- From the main menu, select Issues > All Issues.
- From the Issues page, select the filter button () next to any header column.
- Select Clear to clear all fields.
- Add a New Filter.
- In the relevant filter, where relevant:
- From the Field drop-down, select Tag.
- From the Operator drop-down, select an option.
- In the Value field, enter a value.
- Select Apply.