Search and prioritize findings

Find and manage priority issues

Search using basic filters

Use the following basic filters to search for information in your findings.

  • C - Findings with critical severity.
  • H - Findings with high severity.
  • M - Findings with medium severity.
  • L - Findings with low severity.
  • Category - Select one or more from CI/CD, malware, license risks, operational risks, SCPM, secrets, security, supply chain, vulnerability.
  • Attributes - Narrow down the list by factors such as whether a patch is available, whether the vulnerable function or the dependency is reachable, whether the dependency originates from the current repository or the current tenant, whether it is a test or phantom dependency, and whether the finding originates from the analyzed package itself, a direct dependency, or a transitive dependency.
  • EPSS Probability - Choose the Exploit Prediction Scoring System (EPSS) score range.
  • All Time - Choose a time range.

Finding Attributes

Attribute                         Description
Direct                            Finding applies to a direct dependency.
Exception                         Finding is marked as exempt by one or more exception policies.
External Path Only                Finding applies to a transitive dependency that can only be reached via external, non-OSS project path(s).
First Party                       Finding applies to a dependency that belongs to the same namespace.
Fix Available                     There is a fix available for the CVE reported in this finding.
Invalid Secret                    Finding applies to an invalid secret.
Malware                           Finding applies to a malicious package.
Normal                            Finding applies to a normal (non-test) dependency.
Phantom                           Finding applies to a phantom dependency.
Policy Based                      Finding was generated by a Rego policy.
Potentially Reachable Dependency  Finding applies to a potentially reachable dependency.
Potentially Reachable Function    Finding applies to a potentially reachable function.
Reachable Dependency              Finding applies to a reachable dependency.
Reachable Function                Finding applies to a reachable function.
Same Repository                   Finding applies to a dependency that belongs to the same project.
Self                              Finding applies only to the analyzed package version; no dependency is involved.
Test                              Finding applies to a dependency not in production code.
Transitive                        Finding applies to a transitive (indirect) dependency.
Under Review                      Finding applies to a suspicious package under review.
Unfixable                         There is no fix available for the CVE reported in this finding.
Unreachable Dependency            Finding applies to an unreachable dependency.
Unreachable Function              Finding applies to an unreachable function.
Valid Secret                      Finding applies to a valid secret.

Search using advanced filters

Use advanced filters to create powerful queries that drill deeper into the dataset to fetch results with a specific context.

The Advanced Filters use the GetFinding API call to fetch results.

The following table lists some example attributes that you can use in your custom API calls. See also example combinations below.

Attribute                              API Query
Severity                               spec.level in ["FINDING_LEVEL_CRITICAL","FINDING_LEVEL_HIGH"]
Category                               spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"]
Fixable                                spec.finding_tags contains ["FINDING_TAGS_FIX_AVAILABLE"]
Reachability                           spec.finding_tags contains ["FINDING_TAGS_REACHABLE_FUNCTION"]
Ecosystem                              spec.ecosystem in ["ECOSYSTEM_MAVEN"]
EPSS score greater than 10%            spec.finding_metadata.vulnerability.spec.epss_score.probability_score > 0.1
EPSS score less than or equal to 100%  spec.finding_metadata.vulnerability.spec.epss_score.probability_score <= 1
Only query a given project             spec.project_uuid == "UUID of the project"

Examples

Show all findings of critical or high severity that have a fix available, a reachable function, and an EPSS score greater than 10%

spec.level in ["FINDING_LEVEL_CRITICAL","FINDING_LEVEL_HIGH"] and spec.finding_tags contains ["FINDING_TAGS_FIX_AVAILABLE"] and spec.finding_tags contains ["FINDING_TAGS_REACHABLE_FUNCTION"] and spec.finding_metadata.vulnerability.spec.epss_score.probability_score > 0.1

Show vulnerabilities for a specific project

spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"] and spec.project_uuid == "660e2bc48c7d4e60a5fc692f"

Show vulnerabilities for a specific language in a specific project

spec.finding_categories contains ["FINDING_CATEGORY_VULNERABILITY"] and spec.ecosystem in ["ECOSYSTEM_PYPI"] and spec.project_uuid == "660e2bc48c7d4e60a5fc692f"
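As an added example (not part of the product's documentation or its API), the following small evaluator applies filter strings in the syntax shown above to findings you have already exported, so a query can be checked locally before it is saved. The supported operators (in, contains, ==, <=, >) and the nested field layout of the constructed sample findings are assumptions taken from the attribute table; nothing here calls GetFinding.

```python
import re
# Grammar (assumed to mirror the documented syntax): <dotted path> <op> <["list"] | "string" | number>,
# terms joined by "and"; this evaluates exported findings locally and never calls the API.
_TERM = re.compile(r'\s*([\w.]+)\s*(in|contains|==|<=|>)\s*(\[[^\]]*\]|"[^"]*"|[-\d.]+)\s*')

def _lookup(obj, path):  # walk a dotted path such as spec.epss_score.probability_score
    for key in path.split("."):
        obj = obj.get(key) if isinstance(obj, dict) else None
    return obj

def _parse_value(raw):
    if raw.startswith("["):  # ["A","B"] -> list of strings
        return [s.strip().strip('"') for s in raw[1:-1].split(",") if s.strip()]
    return raw[1:-1] if raw.startswith('"') else float(raw)

def _term_matches(finding, path, op, value):
    actual = _lookup(finding, path)
    if actual is None:  # a missing field never matches
        return False
    if op == "in":  # scalar field must be one of the listed values
        return actual in value
    if op == "contains":  # list field must hold every listed value
        return all(v in actual for v in value)
    return {"==": actual == value, "<=": actual <= value, ">": actual > value}[op]

def parse_query(query):  # "and"-joined filter -> [(path, op, value)], rejecting unparseable terms
    terms = []
    for chunk in re.split(r"\s+and\s+", query.strip()):
        m = _TERM.fullmatch(chunk)
        if not m:
            raise ValueError(f"unsupported filter term: {chunk!r}")
        terms.append((m.group(1), m.group(2), _parse_value(m.group(3))))
    return terms

def apply_filter(findings, query):  # uuids of the findings satisfying every term
    terms = parse_query(query)
    return [f["uuid"] for f in findings if all(_term_matches(f, p, o, v) for p, o, v in terms)]

def _finding(uuid, level, eco, project, tags, epss):  # constructed sample, not real API output
    return {"uuid": uuid, "spec": {"level": level, "ecosystem": eco, "project_uuid": project,
            "finding_categories": ["FINDING_CATEGORY_VULNERABILITY"], "finding_tags": tags,
            "finding_metadata": {"vulnerability": {"spec": {"epss_score": {"probability_score": epss}}}}}}

FIX, REACH = "FINDING_TAGS_FIX_AVAILABLE", "FINDING_TAGS_REACHABLE_FUNCTION"
PROJECT = "660e2bc48c7d4e60a5fc692f"  # the project uuid used in the docs examples
SAMPLE_FINDINGS = [
    _finding("f1", "FINDING_LEVEL_CRITICAL", "ECOSYSTEM_PYPI", PROJECT, [FIX, REACH], 0.42),
    _finding("f2", "FINDING_LEVEL_HIGH", "ECOSYSTEM_MAVEN", PROJECT, [REACH], 0.05),  # no fix, low EPSS
    _finding("f3", "FINDING_LEVEL_HIGH", "ECOSYSTEM_PYPI", "placeholder-other-project", [FIX, REACH], 0.9),
]
```

Running the three documented example queries over SAMPLE_FINDINGS returns f1 and f3, then f1 and f2, then f1 only, which is a quick way to confirm that a saved filter narrows results the way you intend.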

You can save the advanced search filters that you create to fetch curated search results. Saving a search lets you return to the same results later without rebuilding the query.

After typing the query in the Advanced Filter, enter a title in the field in the top right corner and click the Save icon or Save New Filter.

Saved queries are visible in the drop-down list.

Manage findings

See Finding policies for details on how to configure findings.

Act on findings

See Action policies for details on how to define and trigger workflows based on findings that meet a given set of criteria.