Skip to content

Filters Options for Findings

Utilize the filters on the Findings page to easily locate specific findings that are relevant to you. Simply click on the upside-down triangle near the screen's top-left corner.

Filter For Findings

Here are the explanations for each filter:

Types of Filters

  • Event Type: Findings are categorized as a Violation or a Security event, with the latter being a subset of Findings that may indicate a potential breach. These events require manual review to ensure no malicious activity has occurred. The "Acknowledgement Status" is associated with the Security option to track acknowledgment of such events.
  • Acknowledgment Status: This distinguishes the results for security event findings that require a manual review as to whether they have either been Acknowledged or are still Pending acknowledgment.
  • Confidence: Filter Findings by confidence level: "High", "Medium", "Low", or "Not Set" for findings generated by scanners that do not populate this field.
  • Severity: Separates higher-priority Critical risks from lower-priority Warnings.
  • Rules: Select specific scanner rules for targeted security checks.
  • Resources: Focus on findings for a specific resource (project) or a group of resources.
  • Finding Types: Filter results by Violations or Findings. A Violation is a Finding that violates a Policy.
  • Fixable Types: Focus on Fixable and Not Fixable security issues, making it easier to solve known vulnerabilities.
  • Vulnerability Identifiers: The Common Vulnerabilities and Exposures Identifier (CVE ID) of the vulnerable libraries (SCA) to focus upon.
  • Suppression Types: If "Suppressed Status" includes "Suppressed", this will offer additional filters which includes:
    • Source Ignore: A finding that is "Suppressed in Code".
    • Won't Fix: A true positive you've chosen not to rectify due to certain circumstances.
    • False positive: An alert about a security concern that is not present.
  • Suppressed Status: Filter Findings by their state: Not Suppressed (the default state) or Suppressed.
  • Security Types: Categorize security Findings by CI/CD, Source Code, or SCA for easier organization.
  • Scanners: Filter for findings by the scanner that found them.
  • Source: Filter findings by the file in which they are found. The security type groups the lists of said files, SAST for custom code, and SCA for libraries.
  • Exploitability Risk: Exploit Prediction Scoring System (EPSS) predicts the likelihood of a CVE being attacked within the next 30 days.
  • CVSS: The Common Vulnerability Scoring System (CVSS) gives a higher number to more dangerous security vulnerabilities found in commonly used libraries. Scores range from 0 to 10.
  • Licenses: Filter for findings related to disallowed licenses. Select one or multiple licenses to retrieve results.
  • Transitive Vulnerabilities: This is a filter for findings related to vulnerabilities found in dependencies that software code components use. It is further divided into sub-filters namely:
    • Transitive Dependencies: These are vulnerabilities found in the code components used to build software.
    • Direct Dependencies: These are vulnerabilities found in the code used for software.
  • Dependency Scopes
  • Reachability