Issue Details

After running a scan, Horizon allows you to access details of all the issues identified on the Issues Overview page. Click on any asset name under the Issue column to get started.

To learn more about navigating the Issues overview page refer to (link)

How to Access Issue Details

Once you click on an Issue, you can access its

1. Basic information

2. Problem

3. Solution

4. Reference

5. Payloads

6. Severity

7. WASC ID and

8. CWE ID

The issues details page shows the following details for all the issues.

Basic information

Here, Horizon shows the basic information about the Issue such as

1. Status

2. Category

3. Location

4. First Detected

5. Last Detected

Problem

If the severity is High, this tab will provide the details of the issue along with information about the attack technique used. Whereas If the severity is Medium, Low or informational, this tab provides a brief description of the issue.

Solution

In this tab, Horizon provides the possible solutions to resolve this issue. It also provides alternative solutions based on how you wish to approach an issue.

References

Here, Horizon provides you with a list of reference links. You can use these links to find out more about the Issue.

Payload

The payload is a critical component of an API, as it defines the data being transmitted and enables communication between the API client and server. Horizon shows the details about the Request Header and Response Header.

Severity

This indicates the seriousness of the issue at hand.

The severity of a selected issue can be

1. High

2. Medium

3. Low

4. Informational

WASC ID

Horizon provides the WASC ID for respective issues. WASC provides a standardized way of identifying and categorizing web application security threats through its WASC Threat Classification, which assigns a unique identifier (WASC ID) to each threat.

CWE ID

Horizon provides the CWE ID for respective issues. CWE provides a common language for describing and discussing software security weaknesses by assigning a unique identifier (CWE ID) to each weakness.

Actions

You can choose the status of an issue by clicking the Actions dropbox. The status can be one of the following-

• Accept

• Confirm

• Active

• False positive

Note - You can also export the issue details as a pdf using the Actions Dropbox. If you confirm an issue, it shows up on your dashboard and you can start working on it.

Notes

You can use this feature to add your personal notes on an issue. Click on the Add a Note space to get started. You can view and add more notes if you wish to by clicking on the View All Notes option. You can also delete an existing note using the dustbin/trash symbol beside it.

Next Steps

Issues Vulnerabilities