Horizon allows you to see the broader picture by providing a list of vulnerabilities. This list entails the vulnerabilities found during the scan along with their instances. The instances refer to the number of times that an issue has occurred for a specific vulnerability.
After running an Application Scan on the target, you can see a list of Vulnerabilities under Issues>Vulnerabilities.
List of Vulnerabilities
Vulnerability
Severity
CWE ID
WASC ID
Instances
Filters
Select Target
In case you have multiple targets, you can filter them to get target-specific results using this feature.
Click Select Target and select any one of the options you wish to filter.
Vulnerability Details
1. Vulnerability
This column lists the different vulnerabilities discovered during the scan. If you click on any of the listed vulnerabilities, you are directed to the Issues overview page where you can see all the issues related to this vulnerability.
Note - On the issues overview page, the issues listed are filtered by the status- Active and Confirmed.
2. Severity
This indicates the seriousness of the Vulnerability.
The severity of a selected vulnerability can be
High
Medium
Low or
Informational
3. CWE ID
Horizon provides the CWE ID for respective vulnerabilities. CWE provides a common language for describing and discussing software security weaknesses by assigning a unique identifier (CWE ID) to each weakness.
4. WASC ID
Horizon provides the WASC ID for respective vulnerabilities. WASC provides a standardized way of identifying and categorizing web application security threats through its WASC Threat Classification, which assigns a unique identifier (WASC ID) to each threat.
5. Instances
This column displays the number of issues that correspond to each Vulnerability.
Next Steps
Digital Footprint Feed & Recommendations