Filters Options for Findings¶
To find specific findings that are relevant to you, go to the Findings page and use the filters. Simply click on the upside-down triangle near the screen's top-left corner.
Here are the explanations for each filter:
Types of Filters¶
- Event Type: Findings can be categorized as a Violation or a Security event, with the latter being a subset of Findings that may indicate a potential breach. These events require manual review to ensure no malicious activity has occurred. The "Acknowledgement Status" is associated with the Security option to track acknowledgment of such events.
- Acknowledgment Status: This distinguishes the results for Security event findings that require a manual review as to have either been Acknowledged and/or are still Pending acknowledgment. A Security Event is removed after it is Acknowledged.
- Confidence: Filter Findings by confidence level: "High", "Medium", "Low", or "Not Set" for findings generated by scanners that do not populate this field.
- Severity: Separates higher-priority Critical risks from lower-priority Warnings.
- Rules: Select specific scanner rules for targeted security checks.
- Resources: Focus on findings for a specific resource (project) or a group of resources.
- Finding Types: Filter results by Violations or Findings. A Violation is a Finding that violates a Policy.
- Fixable Types: Focus on Fixable and Not Fixable security issues, making it easier to solve known vulnerabilities.
- Vulnerability Identifiers: The Common Vulnerabilities and Exposures Identifier (CVE ID) of the vulnerable libraries (SCA) to focus upon.
- Suppression Types: If "Suppressed Status" includes "Suppressed", this will offer additional filters which includes:
- Source Ignore: A finding that is "Suppressed in Code".
- Won't Fix: A true positive that you've chosen not to rectify due to certain circumstances.
- False positive: An alert about a security concern that is not present.
- Suppressed Status: Filter Findings by their state: Not Suppressed (the default state) or Suppressed.
- Security Types: Categorize security Findings by CI/CD, Source Code, or SCA for easier organization.
- Scanners: Filter for findings by the scanner that found them.
- Source: Filter findings by the file in which they are found. The lists of said files are grouped by the security type, SAST for custom code, and SCA for libraries.
- Exploitability Risk: Exploit Prediction Scoring System (EPSS) predicts the likelihood of a CVE being attacked within the next 30 days.
- CVSS: The Common Vulnerability Scoring System (CVSS) gives a higher number to more dangerous security vulnerabilities found in commonly used libraries. Scores range from 0 to 10.