View Open Security Issues
Whenever a deployment happens, the Deployment Firewall analyses the deployment against the configured policies, and if any risks are identified, an alert is generated.
The Security Issues page displays a summary of all the security issues identified at each stage of the supply chain, along with their details. The alert counts for each stage of the deployment (Source, Build, Artifact and Deploy) are displayed as tabs.
Choose the time period for which you want the alerts to be displayed using the Show Data for drop-down.
The page displays the following panels at the top:
Number of Issues - This panel displays the issues as a graph chart based on their severity, namely: Critical, Normal, High and Low.
Issues by Stage - This panel displays the issues as a bar chart based on the number of alerts detected at each stage of deployment, namely: Source, Build, Artifact and Deploy.
The following toggle options are provided:
All Deployments and Current Deployments - You can use this toggle button to display alerts for all deployments or only current deployments.
Default Alerts and Exception Alerts - You can use this toggle button to display all the default alerts or the alerts that are marked as exceptions.
The details of the alerts are displayed at the bottom of the page.
Alert - Displays the name of the alert in the respective application. On clicking the alert, a popup is displayed which gives a detailed summary of the alert and suggestions to rectify it.
Tags - Displays all the tags that are added to the alert.
Severity - Displays the severity or level of importance of the alert namely MAJOR, CRITICAL, NORMAL, MEDIUM, and LOW (the severity is calculated based on the policy validations that are done across the software delivery lifecycle).
Stage - Displays the stage (build, artifact, source or deploy) in which the alert is identified.
Application - Displays the application name in which the alert is found.
Account - Displays whether the alert is found in staging or production environment.
Image - Displays the image in which the alert was identified.
First seen - Displays the time details of when the alert was first identified.
Status - Displays the status of the displayed alert.
Owner - Displays the owner of the alert.
Cluster - Displays the name of the cluster to which the alert belongs.
Namespace - Displays the name of the namespace to which the alert belongs.
The smart search option available on this page is used to search for alerts based on Account, Application, Image, Rule, Severity, Stage and Tags.
The following example shows how to search for the alerts based on the Rule.
Select Rule from the search drop-down. The various rules available are displayed. Select the checkbox next to the rule for which you want to filter the assigned alerts.
The alerts that correspond to the selected rule are displayed.
The popup that appears on clicking the alert gives a detailed summary of the alert.
It displays the following details related to the alert:
Severity - Displays the severity of the alert, namely Critical, High, Medium or Low.
Stage - Displays the stage in which the alert was detected.
Application - Displays the application name in which the alert was identified.
Account & Image - Displays the associated image of the application.
Version - Displays the version of the application.
First Seen - Displays the timestamp of when the alert was first found.
Owner - Displays the name of the person who created the application.
Rule Description: This gives a detailed description of the identified alert.
Violation: This explains the impact of the alert on the repo.
Suggestions: This section suggests possible workarounds that can help resolve the alert.
Various actions can be performed on the displayed alerts. The options are displayed at the bottom of the alert popup page. The different actions that can be performed on the displayed alerts are as follows:
Jira tickets are created automatically for Security Issues and can also be created manually. If the security issue is of Critical or High severity, the Jira ticket is created automatically; for other severities, you can create one manually by using the Create Jira Ticket option in the Security Issue details popup.
To create Jira tickets, follow the steps given below:
Expand the Show impacted components drop-down. The list of all the components impacted by the selected alert is displayed.
Click the additional options menu (three dots).
Click the Create Jira Ticket option.
A Jira ticket is created and listed in the View Jira Ticket column.
If the vulnerability is of Critical or High severity, the Jira ticket is created automatically by default and the ticket number is displayed as a tab.
You can click the View SSD-2880 tab to view the ticket details.
The alerts displayed in the supply chain details page can be resolved. You can resolve the alert by following the steps provided below:
Click Resolve Alert from the options displayed in the popup that appears on clicking the alert.
Another popup is displayed.
Enter the comments for resolving the alert and click Resolve.
The alert is resolved. It becomes inactive and is removed from the active alert lists.
The alerts raised in the application can be shared through Slack. The Slack channel to which you want to send the alert can be configured, and the alert is then shared to that channel.
Click Send to Slack from the options displayed in the popup that appears on clicking the alert.
An alert is sent to the configured Slack channel and a success message is displayed.