Security Alerts: View by Library

Overview

The Security Alerts: View By Library screen enables you to review all vulnerability-based alerts that are associated with a specific library. Additionally, you can review vulnerability statistics for a selected library (meaning the number of reported vulnerabilities and ignored alerts) and ignore and activate (restore) a selection of vulnerability alerts associated with a library.

Accessing the  Security Alerts: View By Library Screen

To access the Security Alerts: View By Library screen, do as follows:

  • From the menu bar, select Alerts > Security Alerts - View By Library. The Security Alerts - View By Library screen is displayed. 

Generating the Alerts List

Refer here for details.

Table Components

ColumnDescription
LibraryLibrary name where a CVE was found
ProductThe product where the vulnerability's library was found
ProjectThe project where the vulnerability's library is found
Severity(High, medium, low) The highest-severity vulnerability accompanied by the number of times that vulnerabilities of this severity are found in this library
Total AlertsThe total number for all vulnerability alerts reported for the library (Activated and Ignored)
Ignored Alerts

The number of library-related vulnerability alerts marked as ignored (will be empty if there are no ignored alerts)

Library TypeJava, source library, etc.
Creation Date

The date when the alert was created

Modified Date

The date when the alert was modified

Additional Actions

  • To ignore all the security alerts related to a library's vulnerabilities, check the library's row (checkbox on the left) and select Action > Ignore
  • To activate all the security alerts related to a library's vulnerabilities, filter the table for ignored library's alerts, then check the alert's row (checkbox on the left) and select Action > Activate. The alert will no longer appear in the ignored alerts list and will appear instead in the list of reactivated alerts.

IMPORTANT

  • The actions of ignoring and activating alerts are saved to the Change Log History Report. This report can be used to filter and monitor these actions, and to view who performed them and when, and which informative comments those users might have added. 
  • Note that while you perform the action on the library, the application actually performs the action on the vulnerability alerts. If you selected a library with multiple vulnerabilities, the Change Log History Report will display a separate row for each vulnerability alerts.
  • To export an alert to Excel, XML and JSON format, check the alert's row (checkbox on the left), select Action > Export, and select your desired format.

Additional Options

  • To view information for a specific vulnerability's library, in Library, select the library. The Library Details page is displayed. This page displays relevant information regarding the library such as vulnerability trends, copyright information, and library vulnerabilities.
  • To view information for a specific library's related product or project, in the Product or Project column, click the relevant product or project. The relevant Home screen for that product or project is displayed with a variety of dashboard options, including security alerts, license analysis and vulnerability analysis.
  • To view severity details, click Details in that vulnerability's column. The Library Security Vulnerabilities screen is displayed, displaying relevant information for all active vulnerabilities in the library, such as vulnerability ID, CVSS scores, etc.