Vulnerability Catalogue Overview
Overview
The Vulnerability Catalogue consolidates findings from:- Scheduled scans
- On-demand scans
- CI/CD-triggered scans
- External scanning adapters
Key Capabilities
Centralized View
See all vulnerabilities across all scanners, grouped into a single catalogue.
Advanced Filtering
Filter by severity, scanner, asset, tags, detection date, or remediation state.
Fast Investigation
Open any vulnerability to view details like request evidence, parameters, and matching signature.
State Tracking
Track vulnerabilities through states like Open, Acknowledged, In Review, and Resolved.
Asset Correlation
Automatically link vulnerabilities to their associated assets and risk scores.
Seamless Exporting
Export vulnerabilities for reporting, audits, or external review.
Vulnerability Table Columns
| Column | Description |
|---|---|
| Title | Name of the vulnerability or signature |
| Severity | Critical, High, Medium, Low, Informational |
| Asset | The affected host, API, or application |
| Scanner | Source scanner (Nuclei, Custom, API Scanner, etc.) |
| State | Lifecycle state such as Open, Acknowledged, or Resolved |
| Detected On | When the vulnerability was first found |
| Last Seen | Last occurrence in subsequent scans |
| Actions | Options like View, Export, or Mark Resolved |
Vulnerability Details View
Full Vulnerability View
🔍 Technical Details
- Description
- Severity
- CWE reference
- Scanner source
- Request & response evidence (if applicable)
- Parameters involved
🔁 Lifecycle & Activity
- Current state
- Reviewer comments
- History of detection
- Remediation notes
🧭 Asset Context
- Linked asset
- Exposure level
- Asset risk score
How Analysts Use the Catalogue
Triage New Findings
Prioritize high-severity issues and assign owners immediately.
Track Remediation Work
Monitor states and ensure vulnerabilities are properly resolved and validated.
Investigate Root Causes
Inspect request/response evidence and signature details.
Improve Security Posture
Identify recurring patterns and harden system configurations.
Next Steps
Go to Scanner Configuration
Configure scanning sources and customize your vulnerability detection engine.