When you first click the Issues tab, you'll see a list of tabs:
Current
Viewing current issues
Filtering the Current issues page
You can filter the list of current issues by Tag; Target; Severity rating (Critical, High, Medium, Low); Exploit likelihood (Known to Rare), CVSS (0.0 - 10.0); EPSS (0-100%); Category (Attack surface reduction, Compromise, Cryptographic weaknesses, Information disclosure, Misconfiguration and common mistakes, vulnerable software) and Target type (External, Internal):
These filters are great if you're under a time crunch and needing to prioritise, as demonstrated in this video:
Viewing Current issues at 'issue level'
Should you click on an issue, you'll see plenty more information. On the left of the screen, you'll find a list of the affected targets/occurrences (including ports and services) and the date we first detected the issue:
On the right hand side, you'll see:
| Explanation |
Intruder rating | CVSS provides the basis for our severity rating, but our Security team can amend this score to better reflect threat intelligence data |
Highest CVSS score | Common Vulnerability Score System (CVSS) |
Exploit likelihood | We use publicly available data to determine the likelihood that a vulnerability has ever been used by threat actors to exploit an individual or organisation |
CVEs | Common Vulnerabilities and Exposures (CVE) |
Description | An explanation of the issue detected |
Remediation | Intruder curated advice/guidance to help with resolving the vulnerability. |
You may also notice an Action
button at the top, which allows you to snooze the issue (by accepting risk, marking as a false positive or adding mitigating controls); Rescan (which limits the scan scope to this specific issue) as well as the option to send the issue to any of your integrated tools:
Viewing 'current' issues by occurrence
When you click a specific occurrence, you'll see even more information:
| Explanation |
Raw scanner output | This comes direct from the scanner and is available for download as a .txt file. |
Check | Clicking this will take you through to the checks detail page |
Occurrence | Including the affected target; reported plugin; reported version; date it was first detected by Intruder and target tags |
Severity |
|
Exploit likelihood | Categorised as either Rare, Unlikely, Likely, Very likely or Known, supplemented by a probability % over the next 30 days. |
CVEs | The CVE ID, which links to intel. |
Overview | Including description and remediation |
Issue labels explained
Label | Explanation | Plan |
An exposed issue not necessary for functionality, but increases the attack surface of the target. | Essential, | |
Indicates an issue detected by our team, either because our core scanners don't have check for it yet or because it's better detected by a person. | Premium | |
Indicates an issue detected via manual investigation, whereby efforts are focused on the discovery of high impact attack chains that could have significant impact if left unresolved. | Premium | |
| Indicates the findings has been reviewed by a member of our Security team for enhanced insights and more bespoke reporting. | Vanguard |
Viewing Fixed issues
Here, you can find a list of your fixed issues, with all the same information as you can find on the Current tab – with the addition of a Fixed date (most recently fixed at the top):
You also have the option of exporting your list of fixed issues as a CSV, if you wish:
Viewing Snoozed issues
Again, you can find the same information on this page, as you can on the other two – with the option to Un-snooze or view snooze details. (More information on the specifics of snoozing can be found here).
Viewing issues filtered as Noise
Clicking on any of the issues will give you a description of the issue and an explanation for why we have filtered it as noise:
More information about 'Noise' can be found here.