Filtering security issues
By default, the Attack Surface Management > Asset Discovery page displays all potential security issues, starting with critical security issues. You can use filters to display specific types of issues.
To filter security issues:
- Go to Attack Surface Management > Security Issues. Choose IASM using toggle, the respective security issues are displayed.
- Filter by Asset. You can search for specific security issues using the By Asset field. Enter IP address information, such as 192.168.10.10 or 192.168.12.0/24.
- Add advanced search features:
- Click the filter icon. The advanced search fields are displayed.
- Select the Search Type.
- Click Search.
- Select one or more filters:
Filter
Options
Status
Select one of the following statuses:
- Active
- Resolved
- Risk accepted
- False positive
FortiRecon Severity
Select one or more of the following FortiRecon severity statuses:
- Critical
- High
- Medium
- Low
NVD Severity
Select one or more of the following NVD severity statuses:
- Critical
- High
- Medium
- Low
Category
Select one or more of the categories. The list of categories changes based on the displayed security issues.
OT/IoT
CORS Misconfiguration
Security HTTP Headers
Information Disclosure
Suspicious Domains
Web Filter Rating Lookup
SSL Tests
Weak Cipher
Vulnerable Web Technologies
Vulnerable Network Services
CMS Security
Tags
Select one or more tags. Tags list includes system generated OT and IOT tags. The list of filtered security issues is displayed.
- In the Filters list, click Clear to remove all filters.
-
The Archived Results (All Time) section displays all results previously marked as False Positive or Risk Accepted. To revert an archived action and return a result to an Active state, locate the result in the False Positive or Risk Accepted lists and change the status back to Active.