After running a scan, Horizon allows you to access details of all the issues identified on the Issues Overview page. Click on any asset name under the Issue column to get started.
To learn more about navigating the Issues overview page refer to (link)
How to Access Issue Details
Once you click on an Issue, you can access its
Basic information
Problem
Solution
Reference
Payloads
Severity
WASC ID and
CWE ID
The issues details page shows the following details for all the issues.
Basic information
Here, Horizon shows the basic information about the Issue such as
Status
Category
Location
First Detected
Last Detected
Problem
If the severity is High, this tab will provide the details of the issue along with information about the attack technique used. Whereas If the severity is Medium, Low or informational, this tab provides a brief description of the issue.
Solution
In this tab, Horizon provides the possible solutions to resolve this issue. It also provides alternative solutions based on how you wish to approach an issue.
References
Here, Horizon provides you with a list of reference links. You can use these links to find out more about the Issue.
Payload
The payload is a critical component of an API, as it defines the data being transmitted and enables communication between the API client and server. Horizon shows the details about the Request Header and Response Header.
Severity
This indicates the seriousness of the issue at hand.
The severity of a selected issue can be
High
Medium
Low
Informational
WASC ID
Horizon provides the WASC ID for respective issues. WASC provides a standardized way of identifying and categorizing web application security threats through its WASC Threat Classification, which assigns a unique identifier (WASC ID) to each threat.
CWE ID
Horizon provides the CWE ID for respective issues. CWE provides a common language for describing and discussing software security weaknesses by assigning a unique identifier (CWE ID) to each weakness.
Actions
You can choose the status of an issue by clicking the Actions dropbox. The status can be one of the following-
Accept
Confirm
Active
False positive
Note - You can also export the issue details as a pdf using the Actions Dropbox. If you confirm an issue, it shows up on your dashboard and you can start working on it.
Notes
You can use this feature to add your personal notes on an issue. Click on the Add a Note space to get started. You can view and add more notes if you wish to by clicking on the View All Notes option. You can also delete an existing note using the dustbin/trash symbol beside it.
Next Steps
Issues Vulnerabilities