Triaging issues
All issues are classified as new by default. You can see an issue classification by viewing the issue status.
About this task
Use issue triage to help you:
- Reduce noise so that you can focus on the real issues.
- While you are reviewing issues, classify those issues that do not need to be fixed as noise or passed. Noise issues include those issues that might be false positives. Passed issues require manual verification or review. After you classify issues as noise or passed, you can then focus on other issues, such as open, reopened, and in progress. Issues that are open or reopened have a negative impact on your overall summaries.
- Track progress toward remediation.
- Track progress by evaluating each new issue and classifying it as fixed, in progress, noise, or passed. Assigning issues a status helps you better manage the volume of issue data. Identify and track what issues to fix first and what does not need to be fixed at all.
- Show positive results.
- Classifying issues also helps you show positive results or progress in your organization's scores. This gives key stakeholders a more realistic picture of your site's performance.
- Auto-close issues.
Auto-close issues feature helps to streamline and enhance the issue resolution process while triaging issues. With this functionality enabled, the system will automatically mark an identified issue as 'Fixed' if it is no longer detected in a consecutive scan of the same target during a rescan. This automation not only expedites the closure of resolved issues but also ensures that security teams can focus their efforts on addressing active threats. Administrators and Asset managers can enable this setting at organization level and asset group level respecively through the Settings page. In addition, the 'Allow override' option allows assets managers to configure asset group-specific settings, diverging from the default Organization settings.
The auto-close feature is not applicable in cases where the scan target differs, such as a new scan with a different target, an incremental scan, or when a different IRX file is used for the scan.
Procedure
- In an Application tab, click to the Issues view.
- Sort the Status column to arrange the issues by the weight of critical classification (open, in progress, reopened, noise, passed, fixed, new).
-
Click the row for a specific issue to open the Issue information pane.
This panel contains valuable information about the issue, such fix recommendations, comments, and fix groups. Use this information to help determine whether the issue is really an issue for your organization.
-
To change an issue status from a new state: