Filter Options for Findings
Utilize the filters on the Findings page to easily locate specific findings that are relevant to you.
Additional filters can be accessed through the More menu.
Here are the explanations for each filter:
Types of Filters
- Confidence: Filter Findings by confidence level: "High", "Medium", "Low", or "Not Set" for findings generated by scanners that do not populate this field.
- Severity: Filter Findings by severity, separating higher-priority Critical risks from lower-priority Warning, Minor, or Not Set findings.
- Manual Tag: Filters findings based on custom tags assigned to specific resources (e.g., repositories, organizations). Tags such as critical, outsourced, or non-prod can be created and applied to help group and track security issues across similarly categorized assets.
- Rule Types: Select specific scanner rules for targeted security checks.
- Organizations: Focus on findings for a specific organization or a group of organizations.
- Finding Types: Filter results by Violations or Findings. A Violation is a Finding that violates a Policy.
- Fixable Types: Filter by Fixable or Not Fixable security issues, making it easier to resolve known vulnerabilities.
- Vulnerability Identifiers: Filter by the Common Vulnerabilities and Exposures identifier (CVE ID) of vulnerable libraries (SCA).
- Suppressed Status: Filter Findings by their state: Not Suppressed (the default state) or Suppressed.
- Security Types: Categorize security Findings by Container, SAST, or SCA for easier organization.
- Scanners: Filter findings by the scanner that detected them.
- Source: Filter findings by the file in which they are found. The list of files is grouped by security type: SAST for custom code, SCA for libraries, and Container Scanning for container images.
- Exploitability Risk: The Exploit Prediction Scoring System (EPSS) estimates the likelihood that a CVE will be exploited within the next 30 days.
- CVSS: The Common Vulnerability Scoring System (CVSS) assigns a higher score to more dangerous security vulnerabilities found in commonly used libraries. Scores range from 0 to 10.
- Transitive Vulnerabilities: Filter findings related to vulnerabilities found in the dependencies that software code components use. It is divided into two sub-filters:
  - Transitive Dependencies: Vulnerabilities found in the code components used to build software.
  - Direct Dependencies: Vulnerabilities found in the code used for software.