As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.
Vulnerability Filtering 3.0
- Daniel Colon
You will learn
How to create, apply, save, load, and export vulnerability filters.
Prerequisites
Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A
Within a page that contains a vulnerability list and Filter menu, users can filter the list as needed, e.g., Application Details, Team Details, Analytics (Vulnerability Search tab).
To apply a filter to all teams and applications a user can access, it should be created in the Vulnerability Search tab of the Analytics page.
Reason: If the filter is created & saved in the Application Details or Team Details page and a user wants to use that filter in the Vulnerability Search tab of the Analytics page, the filter will be limited to the application/team where it was created.
Applying Filters
Filter options are applied by expanding the desired section, entering/selecting the desired criteria and clicking the Apply button.
The example below shows the Scanners section expanded with two scanners selected. To add scanners, begin typing a scanner name in the entry field and select it from the autofill list. To remove a scanner, click the minus icon next to its name. For the filter options to take effect, the blue Apply button must be clicked after any selections have been added/removed.
The Pivot section determines the axis on which the vulnerability results list display. This is filtered by a Primary Pivot and Secondary Pivot drop-down list of options. The default Primary Pivot option is Severity, and the default Secondary Pivot is Issue Type.
The Issue Type pivot option only affects vulnerabilities that are Unmapped or are mapped to No CWE (CWE -1, “None”). If either of those conditions are true, the vulnerabilities will be displayed and grouped in the tree by their Scanner Vulnerability. They'll otherwise reflect the CWE name.
An example of an alternative from the default pivot is Severity vs. Scanner. Select Scanner from Secondary Pivot drop-down menu, and click the Apply button:
Users can check which filters are currently applied by clicking the Filters Applied button, details will display as below:
Saving a Filter
After creating & applying a filter, it can be saved for future use. From the Save Current Filter section a filter can be saved by entering a name and clicking the Save button.
Once saved, a success banner will display. Any additional changes made to the filter can be saved by simply clicking the Update Saved Filter button.
Loading a Filter
To load a saved filter, select the Load Filters tab at the top of a Filters menu and select it from the drop-down menu. Filters can also be copied or cleared from the same menu with their respective buttons.
Exporting a Filter
Filters can be exported by utilizing the CSV or SSVL buttons found in the Export section.
Table of Contents
- 1 You will learn
- 1.1 Prerequisites
- 1.2 Applying Filters
- 1.2.1 Saving a Filter
- 1.2.2 Loading a Filter
- 1.2.3 Exporting a Filter
- 2 Table of Contents
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.