Project Vulnerability List
Dive into a specific project’s vulnerabilities, with filters and sorting for clear organization.
Once you select a project from the Global Dashboard, you’ll land on the Project Vulnerability List. This section consolidates all vulnerabilities for a single project—whether discovered by SAST, IAC, or SCA scanning.
Scanner Tabs & Filters
- Scanner Tabs
Switch between SAST, IAC, or SCA tabs to isolate vulnerabilities discovered by each scanner type. This helps you focus on code issues, infrastructure misconfigurations, or library dependencies, respectively.
- Severity Filter
Show or hide vulnerabilities at different severity levels (e.g., Critical, High, Medium, Low).
- Status Filter
Limit results to vulnerabilities marked To Verify, In Progress, Resolved, etc.
- Priority Filter
If you’ve tagged vulnerabilities with internal priorities (Critical Urgent, Urgent, Normal, High, Low), you can quickly narrow down the list to see which require immediate attention.
- Sort Options
- Severity: Sort by ascending or descending severity.
- CVSS Score (SCA-only): Sort libraries by their numeric score to find the most dangerous dependencies first.
Tips for Large Projects
1. Break it down by Scanner
If your codebase is quite large, start with SAST to address code-based vulnerabilities, then move on to IAC for cloud misconfigurations.
2. Sort by Priority
Combining severity and priority helps you quickly form a top-10 list to tackle.
3. Batch Update
Some teams use a weekly bug triage meeting to set statuses or priorities for multiple vulnerabilities at once.
Always re-run or schedule scans after significant code or infrastructure changes to keep this list accurate.