Issues

The Issues page for an application, by default displays non-compliant issues only. You can apply a variety of filters to see the issues you need, and click on any issue to open the detailed issue information pane.

To open the Issues page for an application:
    • On the main menu, select Applications > Application name > All issues

Issues page options

Option Description
Issue information Click on an issue to open the issue information pane and view detailed information for a specific issue.
Search Search all table content for strings.
Filters To filter the list of issues shown, click the Filters button and filter by any combination of: Severity, Status, Scan technology, Enabled policies, and Issue type.

For each category, select the check boxes to show only those categories. For example, in the Severity category, select Critical and High to show only Critical and High severity issues. However, when no check box is selected, all the issues in that category are shown.

If you opted to view issues based on status and enabled policies, notice that the Enabled policies in the issues view appear as disabled. You cannot uncheck these enabled policies. However, you can modify the enabled policy in the Single application view > Manage > Manage policies. The Status filter in all issues view will remain editable and you can make changes to the default selection.

To remove all applied filters, click Clear all.

Date Select a date range for the list by First found, Last updated, or Last comment.

To remove all applied filters, click Clear all.

Columns By default the columns show Severity, Status, Issue type, Location, and a few other attributes, but you can:
  • Choose from many more attributes by clicking the columns drop-down list.
  • Remove columns by clearing check boxes.
  • Drag-and-drop column headers to change the order of the columns shown.
  • Click a column header to order entries.
Note: The Last found column shows the most recent date that a particular issue was found. It was added on January 15, 2023, and applies only to issues found in scans run after that date. For older scans the Last found field is empty.
Edit status Edit the status of all selected issues.
Security report Select report options and download a security report for all currently displayed issues. If no issues are selected, report will show all issues.
  • Choose between HTML, PDF, and CSV.
  • Select from a checklist in the dialog box.
See Reports
Export issues Export the current issues to a CSV, JSON, or SARIF file.
This action exports all the currently displayed columns of issue information. To define the information that will be exported, use the Columns drop-down list to display the required columns, and drag-and-drop the column headers into the required order. See Export scan data as CSV, JSON, or SARIF
Note: The SARIF option applies only to static analysis issues, not including SCA issues. It is not available with free subscriptions.
Import issues Import issues from a CSV file. To learn about the correct CSV file structure, download sample CSV file.

Filters

The Filters button lets you apply a combination of filters to the list. Options are Severity, Status, Scan technology, Enabled policies, and Issue type. When no filters are applied, all issues are shown; if one check box is selected, only those issues are shown.

For example, in the screenshots below, two filters are applied:
  • Severity = Critical or High
  • Status = New, Open, In progress, or Reopened

The filtered list will show only issues that match both these filters.

CVSS

CVSS score for issues can be added as a column in the table, though the severity of an issue is not based solely on its CVSS score.

For current scans CVSS Version 3.1 scoring is used. For older scans an earlier version of CVSS may have been used. There can be different CVSS scores for the same issue in scans scored using different CVSS versions.