Vulnerabilities Report

Modified on Tue, 4 Jun at 8:50 PM

Select Reports in the navigation bar and choose “Vulnerabilities Report” from the dropdown. 


The Vulnerabilities Report in CloudDefense provides a comprehensive overview of all vulnerabilities detected across your organization's applications. This report helps you identify, manage, and prioritize vulnerabilities to enhance your organization's security posture.


The Vulnerabilities Report displays a list of all vulnerabilities across applications, offering detailed insights into each vulnerability's nature and impact. With this feature, you can:


  • View the Title and Description of each vulnerability.

  • Identify the Application and Team responsible.

  • Understand the Severity level (CRITICAL, HIGH, MEDIUM, LOW) and Custom Severity which we can set in each vulnerability and even in the Global Rules Management tab.

  • Determine whether the vulnerability is on the Allowed List.

  • See whether the vulnerability is Deployed or Public.

  • Locate the specific path and line number of the vulnerability within the codebase.

  • Access additional information like CWEdependenciesscan typetags, and captured time.

  • Check further details by clicking the Check Details button.




Filtering and Export Data


Clicking on any vulnerability title filters the report to show only that type of vulnerability across all applications where it was found. In the below case we can only “JSON Web Token” being shown.




After applying the filter, a notification will appear:


"We have observed a modification in your filter preferences. Would you like to save these changes for future use?"



If the user chooses to save it, the filter is saved and can be applied in the future from the top of the Vulnerabilities Report.



To reset the filter, another notification appears:

"The data displayed corresponds to the <vulnerability title> title, as you have applied a filter based on it. To undo the filter, either click on the title again or use the button located on the right-hand side."


Export


You can apply filters through the search barindividual vulnerabilities, and the left filter bar. The filter bar includes:


  • Date Captured: Filter by the date the vulnerability was detected.

  • Application: View vulnerabilities associated with specific applications.

  • Teams: Identify vulnerabilities linked to particular teams.

  • Severity: Filter by severity level (CRITICALHIGHMEDIUMLOW).

  • Scan Type: Sort by the type of scan.

  • Public or Not: Find vulnerabilities based on their public status.


After clustering vulnerabilities using the filters, you can export the data as a CSV file by clicking the CSV icon in the top right corner of the page.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article