Hotspot Report 3.X

Introduction

Reporting in ThreadFix provides the ability to view application vulnerability data from many different angles. There are several different report types, each with its own filter set. These filters include limiting the view of data by date range, merged vulnerabilities, and various other metrics that allow users to control the visualization of application vulnerability data. Reports can be exported in various formats, such as PDF, CSV and SSVL. This allows for easy sharing of vulnerability data amongst teams and stakeholders. The following is a breakdown of each report and the data it displays.

Hotspot

The Hotspot tab summarizes shared static vulnerabilities. Static results are analyzed across applications for overlapping vulnerabilities, which may indicate the likelihood of shared vulnerable source code. For information on creating a Shared Vulnerability Schedule, please see the System Settings guide.

The Hotspot tab displays two timestamps: the first is the time the last update began, and the second is when that scan completed. The Severity level, Confidence score, Vulnerability Count, and Vulnerability Type are displayed for all vulnerabilities that have been found.

The Shared Vulnerability Schedule feature allows a user to select a time to calculate the Shared Vulnerability report in the Hotspot section of the Analytics page. This patented calculation analyses data flows from static results across all applications within ThreadFix to find areas of overlap indicating a likelihood of shared vulnerable source code. Because this feature has very large memory and processing requirements, users interested in the Shared Vulnerability Schedule should contact ThreadFix Support for recommendations when large sets of vulnerabilities exist within their instance.

To see further details for any of the vulnerability types, click View Details. Details are displayed for each of the vulnerability findings, including the associated Scanner Name, Finding Name, Application, and Team.

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.