Categories tab

Using the Categories tab, you can add categories that contain findings based on bundles, properties, or selected findings that you choose. The categories can then be used when adding certain items to the Layout. For example, when you add a Vulnerability Breakdown to the Layout, a table with a breakdown of the number of vulnerabilities in all categories (by severity and classification) is added to the layout. The Categories tab consists of a pane with a tree of categories and a pane in which to edit the attributes of the selected category. Each category contains the findings in the assessment that satisfy certain requirements that you define.

The available categories include:

  • Bundle: A bundle category consists of a list of bundle names. Any finding in a bundle whose name appears in the list appears in this category. Although you choose bundles from the current assessment, you can apply the bundle category to any assessment since bundles are matched by name.
  • Individual findings: Choose specific findings to add to the category. Only a snapshot of the finding is added to the report. If you modify the finding after it is added to the report, the report does not reflect the change.
  • Vulnerability Types, Mechanisms, and Technologies properties: Choose sets of properties and required properties from APIs in the AppScan® Source Security Knowledgebase. If a finding contains at least one of the Properties and all Required Properties, it is included in the report.

This table identifies the category panes and the items comprising the pane.

Table 1. Categories tab attributes

| Attribute | Description | How to edit |
|---|---|---|
| Label | The brief name of the category, such as Buffer Overflow. The label identifies the category in the tree list of categories - and it is the category heading in the custom report. | Type a label in a single line text field. |
| Summary | A template for a sentence stating how many findings are reported in this category. The actual count replaces %FindingCount% during report generation. | Type a short description of the category and click Add Count to place the variable, %FindingCount% in the phrase at the cursor location. |
| Text | Brief category description. | Enter text describing the category. |
| Properties | (Property categories only) Findings having at least one of these properties will be reported in this category. If a finding does not have all listed required properties, then the finding is not included in this category. | Click Add on the toolbar and select a property from the Add Properties dialog box. Click Remove to remove the selected items from the list. |
| Required Properties | (Property categories only) Findings with all required properties and at least one property appear in the report under this category. | Click Add on the toolbar and select a property from the Add Properties dialog box. Click Remove to remove the selected items from the list. |
| Bundles | (Bundle categories only) Specifies the names of bundles to include in this category. | Click Add a bundle in the Bundles section, and select the bundles from the list. |
| Findings | (Findings categories only) Specifies the findings to include in this category. | Select findings in any findings table and then click Add findings on the table toolbar to add the selected findings. If more than one view contains selected findings, you will be prompted to select the view that contains the selected findings that you want to add. |

You can also drag findings from a findings table to the table in the Report Editor view, or directly to an existing findings category in the category tree.
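
The membership rules for the three category types and the %FindingCount% substitution, modeled as an added Python example. This is not AppScan Source code: the class names, field names, property names and sample findings are assumptions constructed for illustration, and the behavior for an empty Properties list is an assumption the page does not specify.

```python
import copy
from dataclasses import dataclass, field
# Hypothetical model of the category rules; not AppScan Source code or APIs.
@dataclass
class Finding:
    name: str
    bundle: str
    properties: set

@dataclass
class Category:  # a category is one of three kinds: findings, bundle or property
    label: str
    summary: str                                   # template containing %FindingCount%
    properties: set = field(default_factory=set)   # at least one must be present
    required: set = field(default_factory=set)     # all must be present
    bundles: set = field(default_factory=set)      # bundle names, matched by name
    snapshots: list = field(default_factory=list)  # individually chosen findings

    def add_findings(self, findings):
        # A snapshot is stored, so later edits to the finding are not reflected.
        self.snapshots.extend(copy.deepcopy(f) for f in findings)

    def members(self, assessment):
        if self.snapshots:
            return list(self.snapshots)
        if self.bundles:
            return [f for f in assessment if f.bundle in self.bundles]
        # Assumption: applied literally, an empty Properties list matches nothing.
        return [f for f in assessment
                if f.properties & self.properties and self.required <= f.properties]

    def render_summary(self, assessment):
        return self.summary.replace("%FindingCount%", str(len(self.members(assessment))))

# Constructed sample assessment (finding, bundle and property names are illustrative).
ASSESSMENT = [
    Finding("strcpy in parse()", "Triage", {"BufferOverflow", "C"}),
    Finding("gets in read_line()", "Triage", {"BufferOverflow"}),
    Finding("query concat", "Backlog", {"SQLInjection", "Java"}),
]

by_props = Category("Buffer Overflow", "Findings in this category: %FindingCount%",
                    properties={"BufferOverflow", "SQLInjection"}, required={"C"})
by_bundle = Category("Triage", "Findings awaiting triage: %FindingCount%", bundles={"Triage"})
picked = Category("Hand-picked", "Selected findings: %FindingCount%")
picked.add_findings([ASSESSMENT[2]])

if __name__ == "__main__":
    for cat in (by_props, by_bundle, picked):
        print(cat.label, "->", cat.render_summary(ASSESSMENT))
```

Only the first sample finding lands in the property category: the second has a listed property but lacks the required one, and the third has a listed property but also lacks the required one.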