Skip to main content
Issues page explained

Understand, remediate, snooze and track your issues easily from one place

Updated over a month ago

When you first click the Issues tab, you'll see a list of tabs:
Current

Viewing current issues

Filtering the Current issues page

You can filter the list of current issues by Tag; Target; Severity rating (Critical, High, Medium, Low); Exploit likelihood (Known to Rare), CVSS (0.0 - 10.0); EPSS (0-100%); Category (Attack surface reduction, Compromise, Cryptographic weaknesses, Information disclosure, Misconfiguration and common mistakes, vulnerable software) and Target type (External, Internal):

These filters are great if you're under a time crunch and needing to prioritise, as demonstrated in this video:


Viewing Current issues at 'issue level'

Should you click on an issue, you'll see plenty more information. On the left of the screen, you'll find a list of the affected targets/occurrences (including ports and services) and the date we first detected the issue:


On the right hand side, you'll see:

Explanation

Intruder rating

CVSS provides the basis for our severity rating, but our Security team can amend this score to better reflect threat intelligence data

Highest CVSS score

Common Vulnerability Score System (CVSS)
FIRST's open framework for communicating the characteristics and severity of software vulnerabilities

Exploit likelihood

We use publicly available data to determine the likelihood that a vulnerability has ever been used by threat actors to exploit an individual or organisation

CVEs

Common Vulnerabilities and Exposures (CVE)
Security flaw that has been issued an ID.

Description

An explanation of the issue detected

Remediation

Intruder curated advice/guidance to help with resolving the vulnerability.

You may also notice an Action button at the top, which allows you to snooze the issue (by accepting risk, marking as a false positive or adding mitigating controls); Rescan (which limits the scan scope to this specific issue) as well as the option to send the issue to any of your integrated tools:



Viewing 'current' issues by occurrence

When you click a specific occurrence, you'll see even more information:

Explanation

Raw scanner output

This comes direct from the scanner and is available for download as a .txt file.

Check

Clicking this will take you through to the checks detail page

Occurrence

Including the affected target; reported plugin; reported version; date it was first detected by Intruder and target tags

Severity

  • Intruder rating

  • Highest CVSS

  • Attack vector: the level of access required for an attacker to exploit the vulnerability

  • Attack complexity: the level of conditions beyond the attacker's control needed for successful exploit

  • Privileges required: the level of privileges or access an attacker needs for successful exploit

  • User interaction: whether a user, other than the attacker, is needed to do anything in order to exploit the vulnerability

Exploit likelihood

Categorised as either Rare, Unlikely, Likely, Very likely or Known, supplemented by a probability % over the next 30 days.

CVEs

The CVE ID, which links to intel.

Overview

Including description and remediation



​Issue labels explained

Label

Explanation

Plan

An exposed issue not necessary for functionality, but increases the attack surface of the target.

Essential,
Pro,
Premium

Indicates an issue detected by our team, either because our core scanners don't have check for it yet or because it's better detected by a person.

(More on that, here)

Premium

Indicates an issue detected via manual investigation, whereby efforts are focused on the discovery of high impact attack chains that could have significant impact if left unresolved.

(More on that, here)

Premium
bolt-on

Indicates the findings has been reviewed by a member of our Security team for enhanced insights and more bespoke reporting.

Vanguard



​Viewing Fixed issues


Here, you can find a list of your fixed issues, with all the same information as you can find on the Current tab – with the addition of a Fixed date (most recently fixed at the top):



You also have the option of exporting your list of fixed issues as a CSV, if you wish:




​Viewing Snoozed issues


Again, you can find the same information on this page, as you can on the other two – with the option to Un-snooze or view snooze details. (More information on the specifics of snoozing can be found here).



Viewing issues filtered as Noise

Clicking on any of the issues will give you a description of the issue and an explanation for why we have filtered it as noise:


More information about 'Noise' can be found here.

Did this answer your question?