Versions Compared

Old Version 45

changes.mady.by.user Michelle Friedman

Saved on

compared with

New Version 46

changes.mady.by.user Michelle Friedman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Overview

The Security Alerts: View by By Vulnerability screen enables you to manage the alerts per vulnerability according to the selected products/projects.  For example, use this screen to ignore alerts of a specific vulnerability across all libraries in the selected scope.

...

To access the Security Alerts: View by By Vulnerability screen, do as follows:

  • From the menu bar, select Alerts > Security Alerts - View by By Vulnerability. The Security Alerts - View by By Vulnerability screen is displayed. 

Selecting and Generating the Report Data

  1. Filter the alert by the following parameters: 
    • Time - Filters for the time scope
    • Products - Filters for the relevant product
    • Projects - Filters for the relevant project
    • Vulnerability ID - Filters for the relevant ID
    • Status - Filters for active, ignored or resolved (resolved alerts are those that include statuses Ignored, Library Removed, Library In-House, and Library Whitelist) alerts
      When hovering over the status column, in case the alert's status has been manually changed by a user, the user's email and the comment that was provided will appear as a tooltip. 
  2. For additional (hidden) filters, expand Filter. Options are as follows:
    • By Library - Filters according to library, library type, severity, or source file
    • Value - Filters according to an entered value related to the selection in the By Library filter
  3. Click Apply to set the filters. The list is generated.

...

ColumnDescription
Vulnerability IDThe vulnerability and its individual ID
LibraryLibrary name where the vulnerability was found
Source FileFile where the vulnerability was found
ProductThe product where the vulnerability was found
ProjectThe project where the vulnerability was found
SeverityHigh, medium, low 
DetailsThe library’s vulnerabilities list. For customers using Prioritize, this screen displays the traces for the effective vulnerabilities.
CVSSThe vulnerability's Common Vulnerability Scoring System (CVSS) score 
CVSS TypeCVSS 1, CVSS 2, etc. Refer here for more information.
Status

Alerting status of the vulnerability:

  • Active- The application will notify users about the alert and list it by default in the dashboard
  • Ignored - The application will not notify users about the alert and will not list it by default under the dashboard
  • Resolved - Alerts in statuses Ignored, Library Removed, Library In-House, and Library Whitelist and therefore the application will not notify users about the alert

All data can be filtered and sorted. 

Library TypeJava, source library, etc.
Creation Date

The date when the alert was created

Modified Date

The date when the alert was last modified

Top FixThe best fix that matches the vulnerability
ActionsChange alert status (for example, change the status from ignored to active by selecting the “activate” action)
ExportExport the table data to MS Excel, XML, or JSON

Additional Actions

  • To ignore an alert, check the alert's row (checkbox on the left) and select Action > Ignore
  • To activate an ignored alert, filter the table for ignored alerts, then check the alert's row (checkbox on the left) and select Action > Activate. The alert will no longer appear in the ignored alerts list and will appear instead in the list of active alerts.

...