FAQs
Active View provides a consolidated view of web apps and vulnerabilities drawn from previous scans. Drilling down into web apps will display detailed information regarding the vulnerabilities found. Similarly, reviewing vulnerabilities will display affected web apps.
These are the top-five worst web apps with medium, high, and critical vulnerabilities.
See more: Assets At Risk
These are the top-five worst medium, high, and critical vulnerabilities that exist in your environment.
See more: Vulnerabilities You Should Fix
When viewing Vulnerabilities in Active View or the results of a scan, you can select individual vulnerabilities you want to hide.
To open the Hide Vulnerability dialog where you can provide a reason for hiding the vulnerability, select More options > Hide above the table.
Selecting OK hides the vulnerability. You can reveal hidden items by way of the tools menu on the table header bar.
This is done in the same way as hiding vulnerabilities with one exception: Before selecting OK in the Hide Vulnerability dialog, select True, and then select the False positive checkbox. Enter a note, and then select OK.
The Fortra VM Vulnerability Dictionary (Support > Vuln Dictionary) provides information about known vulnerabilities. The list, which is updated frequently, includes high-level information about specific vulnerabilities and, when appropriate, remediation steps. You can link low-level vulnerability information to this page for users who require greater detail.
Security GPA is the unique grading system used by Fortra VM.
See more: Security GPA
These two concepts comprise the most important aspects of a discovered vulnerability. The "class" is based on the type of threat presented and how it is discovered; "severity" describes the potential of immediate threat.
Possible classes include:
- Explicit - Conclusive evidence of this item was found.
- Potential - Indicators of a possible vulnerability were found.
- Recon - Visible network or asset information that could aid an attacker.
- Compliance - Item related to a security standard, such as the Center for Internet Security (CIS) Benchmarks.
- Malware - Known malware was discovered.
Fortra VM provides a variety of ways to search and filter data.
See more: Find Information in Fortra VM