You are here:

FAQs

What is Active View?

Active View provides a consolidated view of web apps and vulnerabilities drawn from previous scans. Drilling down into web apps will display detailed information regarding the vulnerabilities found. Similarly, reviewing vulnerabilities will display affected web apps.

What are At-Risk web apps?

These are the top-five worst web apps with medium, high, and critical vulnerabilities.

See more: Assets At Risk

What are Vulnerabilities You Should Fix?

These are the top-five worst medium, high, and critical vulnerabilities that exist in your environment.

See more: Vulnerabilities You Should Fix

How can I hide vulnerabilities?

When viewing Vulnerabilities in Active View or the results of a scan, you can select individual vulnerabilities you want to hide.

To open the Hide Vulnerability dialog where you can provide a reason for hiding the vulnerability, select More options > Hide above the table.

Selecting OK hides the vulnerability. You can reveal hidden items by way of the tools menu on the table header bar.

How can I remove a vulnerability triggered incorrectly from my results?

This is done in the same way as hiding vulnerabilities with one exception: Before selecting OK in the Hide Vulnerability dialog, select True, and then select the False positive checkbox. Enter a note, and then select OK.

WARNING: Retiring an asset is not reversible and removes all data from that asset’s history from the account.

Where can I learn more about a specific vulnerability?

The Fortra VM Vulnerability Dictionary provides information about known vulnerabilities. The list, which is updated frequently, includes high-level information about specific vulnerabilities and, when appropriate, remediation steps. You can link low-level vulnerability information to this page for users who require greater detail.

What is my Security GPA?

Security GPA is the unique grading system used by Fortra VM.

See more: Security GPA

What are vulnerability classes and severities?

These two concepts comprise the most important aspects of a discovered vulnerability. The "class" is based on the type of threat presented and how it is discovered; "severity" describes the potential of immediate threat.

Possible classes include:

Explicit - Conclusive evidence of this item was found.
Potential - Indicators of a possible vulnerability were found.
Recon - Visible network or asset information that could aid an attacker.
Compliance - Item related to a security standard, such as the Center for Internet Security (CIS) Benchmarks.
Malware - Known malware was discovered.

How do I manage large tables of data?

Fortra VM provides a variety of ways to search and filter data.

See more: Find Information in Fortra VM

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Product Version | 202411220536 | November 2024