Using filters
Filters in Veracode Risk Manager (VRM) help you quickly find specific data by limiting the results based on defined criteria, such as business units or high-urgency issues. Use filters to improve efficiency and reduce the time required to locate relevant information.
You can apply filters on various pages throughout VRM. The available filters depend on the context of each page.
Refine Results
Use filters to narrow down and refine search results, which makes it easier to find specific information or focus on relevant data subsets. Filters are available on the Dashboard, Applications, Solutions, Issues, Assets, and Findings pages. Filters are also available in the Funnels tab on Dashboard.
To complete this task:
- In VRM, navigate to the page where you want to refine the search results.
- On the FILTER pane, navigate to the required filter type.
- In the selected filter type, enter the category name in the search box, or scroll through the list and select the checkbox to choose the desired category. You can also perform the following steps to enhance your search results.
  - Select multiple checkboxes to include entries in the filter results that match any of the multiple selected filter options.
  - Select the Only option within each filter category to show only results that match a particular category.
- To apply the selected filters and update the search results, click outside the filter menu within the webpage.
Select or clear all the options
Use Select all to include all the options in a specific filter type to populate results.
To complete this task:
- In VRM, navigate to the page where you want to refine search results.
- On the FILTER pane, navigate to the required filter type.
- To include all the options in the selected filter type, select Select all. This will select all the options available under the filter type. To clear all selected options, select Select all again.
- To apply the selected filters and update the search results, click outside the filter menu.
Create a customized filter
You can create a customized filter and save the categories that you generally select so that you can use it in the future. It helps you to quickly select categories that you frequently use and populate the results.
To complete this task:
- In VRM, navigate to the page where you want to create a customized filter.
- Refine the search results based on required filter types and categories.
- Select the Add icon next to SAVED FILTERS.
- For Filter Name, provide a name for the filter.
- Select SAVE FILTER.
Delete a customized filter
You can delete a customized filter if you don't require it to appear on VRM.
To complete this task:
- In VRM, navigate to the page from which you want to delete the customized filter.
- On the FILTER pane, expand the SAVED FILTERS dropdown menu.
- Hover over the filter that you want to delete. The Delete icon appears. Select it.
Use filter types to view appropriate results
Veracode offers a wide range of filter types to help you refine your results. The available filters depend on the context of each page.
ASSET
- APPLICATION: an application is a group of assets that are related to a specific business unit or project. Use this filter type to organize assets and issues for your organization.
- CLOUD ACCOUNT: for applicable asset types, this filter type supports refining results by the AWS account, Azure subscription, or GCP project where the asset resides.
- CLOUD TYPE: specifies the cloud environment in which the asset resides, such as AWS, Azure, or Google Cloud Platform (GCP).
- ASSET TYPE: indicates the kind of asset it is.
- ASSET CATEGORIES: indicates the general asset class, representing a broader category than a specific asset type.
- ASSET TAGS: tags associated with the asset, ingested from the source tool. You can use these tags to filter and organize assets.
- ASSET RISK: represents the level of risk associated with the asset, determined by factors such as technical vulnerabilities, open issues, and business impact.
LABELS
- APPLICATION LABELS: supports filtering based on labels applied at the application level.
- ASSET LABELS: supports filtering based on labels applied at the asset level.
- ISSUE LABELS: supports filtering based on labels applied at the issue level.
SOLUTION
- SOLUTION NAME: contains filters that you can use to refine and view specific sets of data or issues.
  - Update Package: applies updates to a second-party package.
  - Update IaC Template: identifies and updates IaC templates responsible for originating background timing issues.
  - Update File in Source Repo: traces vulnerabilities and weaknesses observed at runtime back to the source code, allowing you to update the relevant files in the source repository.
  - Investigate: identifies solutions that require further investigation.
  - Isolate Asset: identifies solutions that require isolating the asset to prevent further exploitation.
  - Update Asset: identifies solutions that require updating the asset's settings or software to address existing risks.
  - Update Base Image: identifies solutions that require remediating risks in the base image used to create the affected asset.
ISSUE
- ISSUE STATUS: displays the current status of each issue. Statuses include:
  - Active: a newly identified issue.
  - Noted: the issue is being addressed.
  - Resolved: the issue has been fixed.
- ISSUE TYPE: classifies the type of security issue detected. Categories include:
  - Vulnerability (CVE): known vulnerabilities that may be exploited to compromise confidentiality or system integrity.
  - Weakness: code-level issues in first-party applications that can be exploited.
  - Configuration: misconfigurations in cloud or infrastructure settings.
  - Data exposure: sensitive data publicly exposed.
  - Indicator of Attack (IoA): behavioral patterns suggesting an active attack.
  - Indicator of Compromise (IoC): evidence that a system may have been compromised.
  - Malware: detection of malicious software.
- ISSUE SOURCE: identifies the product, tool, or solution from which VRM ingested issues.
- ISSUE AGE: filters issues by their creation date. You can select a start and end date to define the range. The filter supports viewing issues based on the number of days since creation.
- FINDING SOURCE: displays the origin of the security finding. This includes all tools and platforms that provide issue detection data.
- TICKET STATUS: enables filtering by ticket status. VRM ingests ticket status data through integrated ticketing connectors and populates the available status options within this filter for future use.
- COMPLIANCE MAPPING: maps analyzed issues to applicable compliance standards. The presence of certain issues may indicate noncompliance. You can filter by compliance frameworks. It supports ingesting compliance mappings from third-party tools. For more information, contact your Veracode Customer Success Manager.
- ISSUE SEVERITY: filters issues by severity, which focuses on the risk elements of the finding itself, excluding broader context. Urgency, which includes both technical and business considerations, is recommended for a more comprehensive view of the issue's risk level.
- URGENCY: represents the urgency level of an issue. Use the slider to select a value that reflects how quickly the issue should be addressed.
FACTORS
- FACTORS: individual analyses of the aspects of asset configuration and business value, used to determine the risk level of assets and the urgency level of issues. You can filter results based on selected factor values. Use AND/OR logic to combine filters. For example, filter by internet-facing assets and specify the associated risk level. Multiple sets of factors can be applied simultaneously.
- RISK EFFECTS: select the specific risk-related attributes that influence the increase or decrease of overall risk scores.
ORIGIN
- CODE REPO PROVIDER: displays assets originating from source code repositories, such as GitLab or GitHub.
- CODE REPO: filters assets by specific repositories within the selected code repository provider.
- IAC MANAGEMENT: displays only assets that are managed through IaC tools.
FINDINGS
- FINDING TYPE: indicates the general class of finding, representing a broader category than the specific asset source.
- FINDING SOURCE: identifies the product, tool, or solution from which VRM ingested findings, enabling filtering to display findings from a specific source.
- FINDING TIME: indicates the timestamp when a finding was ingested into VRM.
- SEVERITY: filters findings by source severity, which reflects the severity level assigned by the finding source, without considering broader context.
Use cases
Show issues only for a selected label
To view issues that pertain to a specific label, apply the appropriate filters.
- In VRM, navigate to the Issues page.
- On the FILTER pane, in the APPLICATION LABELS filter type, enter the label name in the search box, or scroll through the list and select the checkbox to choose the label. The results are updated to show only solutions that pertain to the label.
Show solutions that require updating IaC template
To view solutions to remediate risk in IaC, apply the appropriate filters.
- In VRM, select the Issues icon.
- On the FILTER pane, in the SOLUTION NAME filter type, select Update IaC Template. The results are updated to show only solutions that require updating IaC template.
- To apply the selected filters and update the search results, click outside the filter menu.
Show results for high-urgency issues
To view the high-urgency issues, apply the appropriate filters.
To complete this task:
- In VRM, select the Issues icon.
- On the FILTER pane, in the URGENCY filter type, use the slider to select a range between 75 and 100. The results are updated to show only high-urgency issues.