- Created by Daniel Colon on Aug 05, 2021
📙 You will learn
About the various available reports and statistics provided by ThreadFix.
Prerequisites
Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 5 minutes
Tools required: N/A
Introduction
Reporting in ThreadFix provides the ability to view application vulnerability data from many different angles. There are several different report types, each with its own filter set. These filters include limiting the view of data by date range, merged vulnerabilities, and various other metrics that allow users to control the visualization of application vulnerability data. Reports can be exported in various formats, such as PDF, CSV and SSVL. This allows for easy sharing of vulnerability data amongst teams and stakeholders. The following is a breakdown of each report and the data it displays.
Trending Report
The Trending Report gives an excellent visual representation of how the number and composition of vulnerabilities for an application change over time. Users can apply filters to narrow the focus to a specific application, or leave the default settings to get a general overview of how teams are progressing.
Users can filter this report by Teams, Applications, Application Tags, Severity, Analysis Type, Aging, and Date Range. ThreadFix can export this report as a PDF.
Snapshot
The Snapshot tab provides several useful tools for viewing specific aspects of applications and their vulnerability statuses. The drop-down menu displays a list of selectable report types.
The following provides a summary of each report type.
Point in Time Report
The Point in Time Report provides an intuitive display of a project's current state. Compare the ratio and severity of existing vulnerabilities using the top chart, and explore more in-depth information on each vulnerability with the expanding vulnerability tree below.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a PDF.
Progress by Vulnerability Report
The Progress by Vulnerability Report is an excellent tool for tracking a development team's response time to specific vulnerabilities. Here users can research the average age of vulnerability types as well as the average time to close each type. Comparing these metrics to industry performance can help teams target specific areas of concern.
The Average Age field shows how many days on average all open vulnerabilities of a particular type have been open. If no vulnerabilities of that type are currently open, the Average Age field will read 0.
The Average Time to Close shows how many days on average all closed vulnerabilities of a particular type were open prior to closing.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a CSV or PDF.
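The two metrics described above can be computed from a list of vulnerability records. The following is an added example, not ThreadFix code: the record fields and the rule that a type with no closed vulnerabilities reports an Average Time to Close of 0 are assumptions (the page states the 0 rule only for Average Age). The sample records are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Vulnerability:
    """Constructed record shape; field names are assumptions, not ThreadFix's schema."""
    vuln_type: str          # vulnerability type, e.g. a CWE-style category name
    opened: date            # date the vulnerability was first reported
    closed: Optional[date]  # None while the vulnerability is still open


def average_age_by_type(vulns: List[Vulnerability], as_of: date) -> Dict[str, float]:
    """Average Age: mean number of days that currently open vulnerabilities of each
    type have been open, measured as of `as_of`. A type with no open
    vulnerabilities reports 0, as the page describes."""
    open_days = defaultdict(list)
    types = set()
    for v in vulns:
        types.add(v.vuln_type)
        if v.closed is None:
            open_days[v.vuln_type].append((as_of - v.opened).days)
    return {t: (sum(open_days[t]) / len(open_days[t]) if open_days[t] else 0)
            for t in types}


def average_time_to_close_by_type(vulns: List[Vulnerability]) -> Dict[str, float]:
    """Average Time to Close: mean number of days that closed vulnerabilities of
    each type were open before closing. A type with nothing closed yet reports 0
    (assumption, by analogy with Average Age)."""
    closed_days = defaultdict(list)
    types = set()
    for v in vulns:
        types.add(v.vuln_type)
        if v.closed is not None:
            closed_days[v.vuln_type].append((v.closed - v.opened).days)
    return {t: (sum(closed_days[t]) / len(closed_days[t]) if closed_days[t] else 0)
            for t in types}


def progress_report(vulns: List[Vulnerability], as_of: date) -> List[tuple]:
    """Rows of (type, average age, average time to close), sorted by type."""
    age = average_age_by_type(vulns, as_of)
    ttc = average_time_to_close_by_type(vulns)
    return [(t, age[t], ttc[t]) for t in sorted(age)]


# Constructed sample data; the report date is taken as 2021-08-05.
AS_OF = date(2021, 8, 5)
SAMPLE = [
    Vulnerability("SQL Injection", date(2021, 6, 1), date(2021, 6, 11)),        # closed after 10 days
    Vulnerability("SQL Injection", date(2021, 7, 1), None),                     # open for 35 days
    Vulnerability("SQL Injection", date(2021, 7, 21), None),                    # open for 15 days
    Vulnerability("Cross-Site Scripting", date(2021, 5, 1), date(2021, 5, 31)), # closed after 30 days
    Vulnerability("Cross-Site Scripting", date(2021, 6, 1), date(2021, 6, 21)), # closed after 20 days
    Vulnerability("Path Traversal", date(2021, 7, 26), None),                   # open for 10 days
]

if __name__ == "__main__":
    for vuln_type, avg_age, avg_ttc in progress_report(SAMPLE, AS_OF):
        print(f"{vuln_type:22} Average Age: {avg_age:5.1f}  Average Time to Close: {avg_ttc:5.1f}")
```

Note that Cross-Site Scripting reports an Average Age of 0 because nothing of that type is open, not because its findings were fixed quickly; the Average Time to Close column (25 days here) is the one that answers that question.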
Most Vulnerable Applications
The Most Vulnerable Applications Report brings the applications with the most issues to the forefront. This report provides the application's vulnerability composition to aid in the development of remediation strategies.
Users can filter this report by Teams, Applications, Application Tags, Most Vulnerable Applications Grouping, Severity, and Analysis Type. ThreadFix can export this report as a PDF.
OWASP Top 10
The OWASP Top 10 Report highlights application vulnerabilities that coincide with the ten highest web security threats as designated by the Open Web Application Security Project (OWASP). The expandable tree allows for further exploration of these vulnerabilities.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a CSV, SSVL, or PDF.
Portfolio Report
The Portfolio Report displays information on how current the imported scans are for each application in the portfolio. This report can help target specific applications for follow-up scans in order to stay up to date on a project's vulnerability statuses.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a PDF.
DISA STIG Report
The DISA (Defense Information Systems Agency) STIG (Security Technical Implementation Guide) report displays information on an application's compliance with DISA's Application Security and Development STIG requirements. This report can help users plan and execute remediation strategies in order to maintain compliance with governmental application security standards.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a CSV, PDF, or SSVL document.
For more information on STIG, view the Defense Information Systems Agency site.
Scan Comparison Summary
The Scan Comparison Summary report gives a side-by-side look at how each scanner is performing, showing the number and percentage of total vulnerabilities found, number and percent of total false positives discovered among them, how many HAM (Hybrid Analysis Mapping) endpoints were found per scanner, and the percentage total that represents.
Users can filter this report by Teams, Applications, Application Tags, Severity, and Analysis Type. ThreadFix can export this report as a PDF.
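The per-scanner figures described above can be derived from merged vulnerabilities that record which scanners found them. The following is an added example, not ThreadFix code: the record layout and the denominators used for the percentages (false positives and HAM endpoints as a share of what that scanner found) are assumptions, and the sample data is constructed. It also shows why the "percentage of total" column does not sum to 100 across scanners: a vulnerability merged from several scanners counts towards each of them.

```python
from collections import defaultdict
from typing import Dict, List


def pct(numerator: int, denominator: int) -> float:
    """Percentage rounded to one decimal; 0.0 when the denominator is empty."""
    return round(100.0 * numerator / denominator, 1) if denominator else 0.0


def scan_comparison(vulns: List[dict]) -> Dict[str, dict]:
    """Build one summary row per scanner from merged vulnerability records.

    Each record (constructed shape, an assumption) carries:
      scanners       set of scanner names that reported the vulnerability
      false_positive whether the vulnerability was marked a false positive
      ham_endpoint   whether Hybrid Analysis Mapping tied it to an endpoint
    """
    total = len(vulns)
    rows = defaultdict(lambda: {"found": 0, "false_positives": 0, "ham_endpoints": 0})
    for v in vulns:
        # A merged vulnerability is credited to every scanner that reported it.
        for scanner in v["scanners"]:
            row = rows[scanner]
            row["found"] += 1
            if v["false_positive"]:
                row["false_positives"] += 1
            if v["ham_endpoint"]:
                row["ham_endpoints"] += 1
    for row in rows.values():
        row["pct_of_total"] = pct(row["found"], total)             # share of all vulnerabilities
        row["fp_pct_of_found"] = pct(row["false_positives"], row["found"])
        row["ham_pct_of_found"] = pct(row["ham_endpoints"], row["found"])
    return dict(sorted(rows.items()))


# Constructed sample: five merged vulnerabilities, two of them reported by both scanners.
SAMPLE_VULNS = [
    {"id": 1, "scanners": {"ScannerA", "ScannerB"}, "false_positive": False, "ham_endpoint": True},
    {"id": 2, "scanners": {"ScannerA"},             "false_positive": True,  "ham_endpoint": False},
    {"id": 3, "scanners": {"ScannerB"},             "false_positive": False, "ham_endpoint": True},
    {"id": 4, "scanners": {"ScannerA", "ScannerB"}, "false_positive": False, "ham_endpoint": False},
    {"id": 5, "scanners": {"ScannerA"},             "false_positive": False, "ham_endpoint": True},
]

if __name__ == "__main__":
    for scanner, row in scan_comparison(SAMPLE_VULNS).items():
        print(f"{scanner}: found {row['found']} ({row['pct_of_total']}% of total), "
              f"false positives {row['false_positives']} ({row['fp_pct_of_found']}%), "
              f"HAM endpoints {row['ham_endpoints']} ({row['ham_pct_of_found']}%)")
```

When reading such a report, compare the false-positive share against the found count rather than against the whole portfolio: a scanner that finds more also has more opportunities to be wrong, and the ratio is what distinguishes noisy tools from productive ones.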
Remediation Report
The Remediation Report provides an in-depth look at an application's vulnerability state and the progress of a team's remediation efforts. This page displays the trending report, as well as a more detailed table with starting and ending vulnerability counts to gauge progress. In addition, Open and Closed vulnerabilities can be expanded to explore issues and their status/criticality, including any comments on those vulnerabilities.
Users can filter this report by Team, Application, Application Tag, Severity, Aging, and/or Date Range.
Vulnerability Search Report
The Vulnerability Search allows users to filter and explore specific vulnerabilities. Details are provided regarding where these vulnerabilities arose, what scanner detected them, the criticality of the vulnerabilities, and more.
Users can filter this report by Teams, Applications, Application Tags, Scanners, Number of Merged Findings, Defects, Aging, and Vulnerability Details. ThreadFix can export this report as a CSV or SSVL.
Hotspot
The Hotspot tab displays summaries of shared static vulnerabilities analyzed across applications for any overlapping vulnerabilities, which may indicate shared vulnerable source code. For information on creating a Shared Vulnerability Schedule, please see the System Settings guide.
The Hotspot tab displays two time stamps: the first is the time the last update began and the second is when that calculation completed. The Severity level, Confidence score, Vulnerability Count, and Vulnerability Type are displayed for all vulnerabilities that have been found.
The Shared Vulnerability Schedule feature allows a user to select a time to calculate the Shared Vulnerability report in the Hotspot section of the Analytics page. This patented calculation analyzes data flows from static results across all applications within ThreadFix to find areas of overlap indicating a likelihood of shared vulnerable source code. Due to the very large memory and processing requirements of this feature, users interested in the Shared Vulnerability Schedule should contact ThreadFix Support for recommendations when large sets of vulnerabilities exist within their instance.
To gain further details for any of the vulnerability types, click on View Details. Details will display for each of the vulnerability findings including the associated Scanner Name, Finding Name, Application, and Team.