Skip to content

Filters Options for Findings

Utilize the filters on the Findings page to easily locate specific findings that are relevant to you.

Filter By

Additional filters can be accessed through the More menu.

More Filters

Here are the explanations for each filter:

Types of Filters

  • Event Type: Findings are categorized as a Violation or a Security event, with the latter being a subset of Findings that may indicate a potential breach. These events require manual review to ensure no malicious activity has occurred. The "Acknowledgement Status" is associated with the Security option to track acknowledgment of such events.
  • Acknowledgment Status: This distinguishes the results for security event findings that require a manual review as to whether they have either been Acknowledged or are still Pending acknowledgment.
  • Confidence: Filter Findings by confidence level: "High", "Medium", "Low", or "Not Set" for findings generated by scanners that do not populate this field.
  • Severity: Separates higher-priority Critical risks from lower-priority Warnings.
  • Rules: Select specific scanner rules for targeted security checks.
  • Resources: Focus on findings for a specific resource (project) or a group of resources.
  • Finding Types: Filter results by Violations or Findings. A Violation is a Finding that violates a Policy.
  • Fixable Types: Focus on Fixable and Not Fixable security issues, making it easier to solve known vulnerabilities.
  • Vulnerability Identifiers: The Common Vulnerabilities and Exposures Identifier (CVE ID) of the vulnerable libraries (SCA) to focus upon.
  • Suppression Types: If "Suppressed Status" includes "Suppressed", this will offer additional filters which includes:
    • Source Ignore: A finding that is "Suppressed in Code".
    • Won't Fix: A true positive you've chosen not to rectify due to certain circumstances.
    • False positive: An alert about a security concern that is not present.
  • Suppressed Status: Filter Findings by their state: Not Suppressed (the default state) or Suppressed.
  • Security Types: Categorize security Findings by CI/CD, Source Code, or SCA for easier organization.
  • Scanners: Filter for findings by the scanner that found them.
  • Source: Filter findings by the file in which they are found. The security type groups the lists of said files, SAST for custom code, and SCA for libraries.
  • Exploitability Risk: Exploit Prediction Scoring System (EPSS) predicts the likelihood of a CVE being attacked within the next 30 days.
  • CVSS: The Common Vulnerability Scoring System (CVSS) gives a higher number to more dangerous security vulnerabilities found in commonly used libraries. Scores range from 0 to 10.
  • Licenses: Filter for findings related to disallowed licenses. Select one or multiple licenses to retrieve results.
  • Transitive Vulnerabilities: This is a filter for findings related to vulnerabilities found in dependencies that software code components use. It is further divided into sub-filters namely:
    • Transitive Dependencies: These are vulnerabilities found in the code components used to build software.
    • Direct Dependencies: These are vulnerabilities found in the code used for software.
  • Dependency Scopes
  • Reachability