Search and prioritize findings

Find and manage priority issues

Search using basic filters

Use the following basic filters to search for information in your findings.

  • C - Findings with critical severity.
  • H - Findings with high severity.
  • M - Findings with medium severity.
  • L - Findings with low severity.
  • Category - Choose from license risks, operational risks, SCPM, secrets, security, supply chain, vulnerability, or malware.
  • Attributes - Choose from factors such as whether a patch is available, whether the vulnerable function is reachable, whether the dependency is reachable, whether the dependency originates from the current repository or the current tenant, whether it is a test dependency, and whether the finding originates from itself, a direct dependency, or a transitive dependency.
  • EPSS Probability - Choose the Exploit Prediction Scoring System (EPSS) score.
  • All Time - Choose a time range.

Search using advanced filters

Use advanced filters to create powerful queries that drill deeper into the dataset to fetch results with a specific context.

The Advanced Filters use the GetFinding API call to fetch results.

Example 1: Show all critical and high severity findings that have a fix available, a reachable function, and an EPSS score greater than 10%.

spec.level in ["FINDING_LEVEL_CRITICAL","FINDING_LEVEL_HIGH"] and spec.finding_tags contains ["FINDING_TAGS_FIX_AVAILABLE"] and spec.finding_tags contains ["FINDING_TAGS_REACHABLE_FUNCTION"] and spec.finding_metadata.vulnerability.spec.epss_score.probability_score > 0.1

Example 2: Show vulnerabilities for a specific project.

spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"] and spec.project_uuid == "UUID of project"

Example 3: Show vulnerabilities for a specific language in a specific project.

spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"] and spec.ecosystem in ["ECOSYSTEM_SELECT_ECOSYSTEM"] and spec.project_uuid == "uuid of project"

You can add the following attributes to your API call to fetch results:

  • Finding severity: spec.level in ["FINDING_LEVEL_CRITICAL","FINDING_LEVEL_HIGH"]
  • Type of finding: spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"]
  • What is fixable: spec.finding_tags contains ["FINDING_TAGS_FIX_AVAILABLE"]
  • What is reachable at the function level: spec.finding_tags contains ["FINDING_TAGS_REACHABLE_FUNCTION"]
  • EPSS score greater than 10%: spec.finding_metadata.vulnerability.spec.epss_score.probability_score > 0.1
  • EPSS score up to 100%: spec.finding_metadata.vulnerability.spec.epss_score.probability_score <= 1
  • To add a specific project to the query: spec.project_uuid=="UUID of the project"
  • To add a specific language or ecosystem to the query: spec.ecosystem in ["ECOSYSTEM_MAVEN"]
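The attributes above can be composed in a script instead of typed by hand. The following is an added example, not code from the product or its documentation: build_filter and its parameters are hypothetical names, and the check on the project UUID assumes it contains only hexadecimal digits and hyphens. It joins the clauses with "and" in the same order as Examples 1 to 3 and rejects values that could alter the query when they come from untrusted input.

```python
import json
import re

# Enum prefixes and the EPSS field path are copied from the filter examples on this page.
_PREFIX = {"levels": "FINDING_LEVEL_", "categories": "FINDING_CATEGORY_",
           "tags": "FINDING_TAGS_", "ecosystems": "ECOSYSTEM_"}
_ENUM = re.compile(r"[A-Z][A-Z0-9_]*")
_UUID = re.compile(r"[0-9A-Fa-f-]+")  # assumption: hex digits and hyphens only
_EPSS = "spec.finding_metadata.vulnerability.spec.epss_score.probability_score"


def _enum_list(kind, values):
    """Validate enum names and render them as ["A","B"], the form used on this page."""
    for value in values:
        if not (_ENUM.fullmatch(value) and value.startswith(_PREFIX[kind])):
            raise ValueError(f"unexpected {kind} value: {value!r}")
    return json.dumps(list(values), separators=(",", ":"))


def build_filter(levels=(), categories=(), tags=(), ecosystems=(),
                 epss_above_pct=None, project_uuid=None):
    """Return an advanced filter string; every clause is joined with 'and'."""
    clauses = []
    if levels:
        clauses.append(f"spec.level in {_enum_list('levels', levels)}")
    if categories:
        clauses.append("spec.finding_categories contains "
                       + _enum_list("categories", categories))
    # One `contains` clause per tag, as in Example 1.
    for tag in tags:
        clauses.append(f"spec.finding_tags contains {_enum_list('tags', [tag])}")
    if ecosystems:
        clauses.append(f"spec.ecosystem in {_enum_list('ecosystems', ecosystems)}")
    if epss_above_pct is not None:
        # The UI speaks in percent; the filter field is a probability from 0 to 1.
        if not 0 <= epss_above_pct < 100:
            raise ValueError("EPSS threshold must be a percentage in [0, 100)")
        clauses.append(f"{_EPSS} > {epss_above_pct / 100:g}")
    if project_uuid is not None:
        if not _UUID.fullmatch(project_uuid):
            raise ValueError(f"unexpected project UUID: {project_uuid!r}")
        clauses.append(f'spec.project_uuid == "{project_uuid}"')
    if not clauses:
        raise ValueError("refusing to build an empty filter")
    return " and ".join(clauses)
```
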

You can save the advanced search filters that you create to fetch curated search results. A saved search lets you return to the target results quickly.

After typing the query in Advanced Filters, enter a title in the field in the top-right corner and click the Save icon or Save New Filter.

Saved queries are visible in the drop-down list.