SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Viewing Issues in Netsparker Enterprise

The Issues window displays lists of vulnerabilities detected in scans run by your entire team. You can get an overview of Issues that have been assigned to you, those that are awaiting a Retest and those that are Addressed.

Administrators and Project Managers benefit from an overview of all Issues, including the current State of each Issue and to whom it has been assigned.

You can also view issues using the Issues API Endpoints, enabling you to easily integrate with other applications or internal systems. You can now use the API Endpoints to view the following:

  • Addressed Issues list
  • All Issues list
  • Issues by Id list
  • Report of Issues in CSV format
  • To Do list
  • Waiting for Retest list

For further information, see What Systems Does Netsparker Integrate With?.

For further information, see Managing Issues in Netsparker Enterprise.

Issues Lists

This table lists and explains the lists available from the submenus in the Issues window.

List

Description

To Do

This window displays a list of all the Issues that have been assigned to you. You can take action by fixing them, assigning them to someone else or changing their status.

The number next to the menu name indicates how many outstanding items you have in your To Do list.

In the State column for each newly identified vulnerability, it will read Present. Once you click Retest, it will change to Fixed (Unconfirmed).

Waiting for Retest

This window displays a list of all Issues whose State has been updated to Fixed (Unconfirmed). They are waiting to be tested automatically by Netsparker Enterprise.

Addressed Issues

This window displays a list of all the Issues that have been addressed and whose State has been updated to one of the following:

Accepted Risk

Indicates that the Issue has been considered and is marked as a low risk vulnerability

False Positive

Indicates that the Issue has been considered and is marked as not a genuine vulnerability

Fixed (Confirmed)

Indicates that the Issue has been fixed and requires no further action

Users with Manage Issues (Restricted) permission can only mark an Issue’s state as 'Fixed (Confirmed)'.

All Issues

This window displays a list of all Issues detected in scans run by your entire team. The entire team can view all Issues in a scan report, even if they only have the Manage Issues (Restricted) permission.

This table lists and explains the fields listed in the Issues window's columns and in an individual Issue window.

Field

Description

Title/Issue

This is the name of the vulnerability, for example Internal Server Error.

Severity

This is the vulnerability severity level. The options are:

  • Critical
  • High
  • Medium
  • Low
  • Information
  • Best Practice

For further information, see Vulnerability Severity Levels.

Website Group

This is the name of the group to which the website belongs.

Website/Website Name

This is the name of the scanned website.

URL/Issue URL

This is either the website address of the scanned website or the URL of the detected issue.

First Seen

This is the date and time the issue was first detected.

Last Seen

This is when the issue was most recently detected.

Assignee

This is the name of the person who has been assigned the task. It may be:

  • The Technical Contact for the scanned website
  • The Team Member who initiated the scan
  • Any other member of the team

State

This indicates the current State of the issue. All Issues are initially marked as Present.

  • Present
  • Accepted Risk
  • False Positive
  • Fixed (unconfirmed)

For further information, see Addressed Issues and Issue Lifecycle.

Retestable

This indicates whether the issue can be retested.

How to View an Issue in Netsparker Enterprise

From the main menu, click Issues, then To Do. (Alternatively, you can select another submenu.) A list of issues is displayed.

For further information, see Issues Lists.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO