Issue Management

Traceable, through the Issues page, provides a view of detected API security issues, enabling you to monitor, analyze, and remediate them effectively. The Issues page lists these issues with key information such as severity, endpoint count, and OWASP category.

What will you Learn from this Topic?

By the end of this topic, you will be able to:

  • Understand the Issue Flow navigation and drill down into each issue to access its evidence, context, and logs.

  • Update the status of issues and remediation methods.

  • Understand the Issue auto-resolution and deletion logic based on the detection sources.

See Issues Overview to understand issues, their lifecycle, and their key components.


Navigating the Issues Flow

When you first land on the Issues page, Traceable shows a list of detected issues, grouped by their name. This list shows key information, such as Severity, Last Seen, and Number of API Endpoints where the issue was observed. The grouping and filtering options enable you to narrow your focus based on a specific indicator. After applying these options, you can drill down into a specific issue to view more detailed information, such as Overview, References, and Status Log.

You can view the evidence for a particular issue for deeper analysis of data, such as its URL, status code, last seen, mutations, and assertions. The Detailed View page for an issue is divided into sections that offer data, logs, and insights that help you understand its impact on your application.

1. Main Issues View

Upon navigating to the Issues page, Traceable shows a comprehensive list of issues that are in the Open or Reopened state. This page serves as a dashboard where you can:

Main Issues View

  • View Listed Issues — Each issue is presented with details such as its severity, the number of endpoints it was observed in, and its OWASP category. For more information, see Issue Listings.

  • Group and Filter — While Traceable groups the data on the page based on Issue Names by default, you can group the data based on other categories as well. Apart from this, you can also filter data based on the issue impact or your requirements. For more information, see Grouping and Filtering Options.

2. Drilling Down into an Issue

After choosing how to group and filter the issues, you can drill down into a specific issue for a more granular view. Based on the grouping, click a list item to view the issues under it, and then click the Issue Name. The detailed view page highlights the following information about the issue:

  • Issue Details — The top section of the page specifies the details of the issue such as the Endpoint, Source, Last Seen, Severity, CVSS Score, OWASP Rank, and CWE ranks. Using these details, you can take the necessary steps to mitigate such issues and enhance your application security.

  • Overview — The Overview section provides a description of the issue, its impact, the attack methodology, and how you can mitigate such issues. It also provides the Issue Evidence tab for you to drill down into. Traceable gathers this evidence for each issue and shows the five latest pieces of evidence seen in the last 24 hours in the tab. Further, you can view the detailed span for each piece of evidence. The evidence gives you critical details about the issue, which helps you assess its severity and work towards its remediation.

    Note

    • For dormant APIs, Traceable shows the five latest pieces of evidence that it has seen in the last 90 days.

    • For issues having AST as the Source, you can customize the detection conditions according to your requirements. For more information, see Mutation and Assertion Overrides.

  • References — The References tab provides curated links to trusted external sources where you can gather deeper insights into the nature, impact, and remediation of an issue. These sources explain key details such as the attack mechanism and its effect, which you can use when planning remediation.

  • Status Log — The Status Log tab provides a timeline of all status changes related to the issue, along with their timestamps. This helps you track the issue lifecycle and understand when and how the issue was opened, reopened, or fixed.

  • Remediation — Based on the above details, you can take the necessary actions towards remediation of the issue. Traceable provides the following options for you to do so:

    • Integrations — Traceable supports multiple integrations for you to choose from. You can use any of these to create tickets in the corresponding project and work towards remediation there. For more information, see Integrations.

    • Status Change — You can use the drop-down to change the status of an issue based on your requirements. For more information on the available statuses, see Issue Status Management and Remediation.


Issue Status Management and Remediation

Traceable enables you to create integration tickets and change the status according to your requirements for issue remediation.

Supported Statuses

You can manually change the state of the detected issue to any of the following:

  • Open: Traceable has detected an issue.

  • Under review: The issue has been acknowledged. You are taking steps to close it.

  • Fixed: The issue has been closed. Traceable keeps monitoring the asset (API endpoint or service) even after you mark it as fixed. If Traceable finds new issues, it automatically moves them to an Open state for you to review and resolve.

  • Not an issue: Move the issue to a Not an Issue state when you do not want Traceable to report it. If Traceable keeps seeing this issue category, it does not move it to an Open state.

  • Accepted risk: You can move the issue to this state when you understand and accept the impact.
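The lifecycle rules in the table above can be made concrete with a small state model. The following is an added example written for this page, not Traceable's own code or API: it is a constructed model in which manual changes come from the Status drop-down, re-detection of a Fixed issue reopens it, re-detection of a Not an issue finding leaves it alone, and every change is appended to a status log like the one in the Status Log tab. The class and function names, the "actor" field, and the sample issue name are assumptions for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed model of the Supported Statuses table. Names, the actor field
# and the sample issue are illustrative assumptions, not Traceable's schema.
OPEN = "Open"
UNDER_REVIEW = "Under review"
FIXED = "Fixed"
NOT_AN_ISSUE = "Not an issue"
ACCEPTED_RISK = "Accepted risk"
STATUSES = {OPEN, UNDER_REVIEW, FIXED, NOT_AN_ISSUE, ACCEPTED_RISK}


@dataclass
class StatusLogEntry:
    timestamp: datetime
    old_status: str
    new_status: str
    actor: str  # "user" for drop-down changes, "platform" for automatic ones


@dataclass
class Issue:
    name: str
    status: str = OPEN
    status_log: list = field(default_factory=list)

    def _transition(self, new_status, actor, at):
        if new_status not in STATUSES:
            raise ValueError(f"unknown status {new_status!r}")
        self.status_log.append(StatusLogEntry(at, self.status, new_status, actor))
        self.status = new_status

    def set_status(self, new_status, at=None):
        """Manual change from the Status drop-down; any supported state is allowed."""
        self._transition(new_status, "user", at or datetime.now(timezone.utc))

    def on_detection(self, at=None):
        """Apply the table's automatic rules when the platform observes the issue again.

        Fixed         -> moved back to Open for review (asset is still monitored)
        Not an issue  -> unchanged; the category is no longer reported
        other states  -> unchanged (the table defines no other automatic move)
        Returns True if the status changed.
        """
        if self.status == FIXED:
            self._transition(OPEN, "platform", at or datetime.now(timezone.utc))
            return True
        return False


def demo():
    """Walk one constructed issue through the lifecycle and return what happened."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    issue = Issue("constructed sample issue")
    issue.set_status(UNDER_REVIEW, t0)
    issue.set_status(FIXED, t0)
    reopened = issue.on_detection(t0)     # regression: Fixed -> Open
    issue.set_status(NOT_AN_ISSUE, t0)
    stayed = not issue.on_detection(t0)   # Not an issue is never reopened
    return issue.status, reopened, stayed, [e.new_status for e in issue.status_log]


if __name__ == "__main__":
    print(demo())
```

The status log is append-only in this model, so the same timeline the Status Log tab shows can be rebuilt from it; the "platform" actor marks the automatic reopen, which is what distinguishes a regression from a user decision when the log is reviewed later.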

Issue Remediation

You can update the status or create integration tickets using either of the following methods:

  • Individual Update — Update the status or create tickets for each issue individually.

  • Bulk Update — Update the status or create tickets for multiple issues at once.

The following procedures describe the steps for each of these methods.

To remediate an issue, complete the following steps:

  1. If the Issues page is grouped by a category, click the arrow corresponding to the category.

  2. Click the issue name you wish to remediate.

  3. In the Issue Detailed View page’s top right corner, click the Integration icon(s) or Status drop-down according to your requirements.

    Note

    If you have not configured an integration, you can do so directly by clicking the relevant Integration icon. For the configuration steps, see the corresponding document under Integrations.

  4. Do one of the following:

    • If you clicked the Integration icon(s), specify the ticket details according to your requirements.

    • If you clicked the Status drop-down, change the status according to your requirements.

To remediate multiple issues at once, complete the following steps:

  1. If the Issues page is grouped by a category, click the arrow corresponding to the category and click the check-box corresponding to the issues you wish to change the status for.

  2. At the bottom of the page, click the Update Status or Jira icon according to your requirements.

    Note

    • Currently, bulk creation of tickets is supported for the Jira integration only.

    • You must have a Jira integration configured to be able to create tickets. If you have not configured it yet, you can do so directly by clicking the Jira icon. For the configuration steps, see the Jira Integration.

  3. Do one of the following:

    • If you clicked Update Status, change the status according to your requirements.

    • If you clicked the Jira icon, specify the ticket details and click Create.


Issue Auto-Resolution

While you can resolve an issue by changing its status to Fixed, Traceable also auto-resolves it. The following table lists, for each source, whether auto-resolution applies and the scenarios that trigger it:

Note

The updated status of the auto-resolved issues may take up to 24 hours to reflect on the Traceable platform.

  • Live Traffic (auto-resolution: Yes)

    • Scenario 1: Traceable has not detected the issue in the 14 days since its last occurrence.

    • Scenario 2: Not applicable.

  • API Security Testing (auto-resolution: Yes)

    • Scenario 1: Traceable has not detected the issue in the 60 days since its last occurrence.

    • Scenario 2: Traceable does not detect the issue in the 15 scans following its last observation.

  • Compliance (auto-resolution: Yes)

    • Scenario 1: Traceable has not detected the issue in the 14 days since its last occurrence.

    • Scenario 2: Not applicable.


Issue Deletion

You can delete detected issues from the Issue Detailed View by changing their status to Fixed or Not an issue. Traceable also deletes issues if they are deleted from all Sources. For example, suppose an issue has Live Traffic and AST as its Sources. Then Traceable deletes the issue only when it is deleted from both Sources.
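The per-source auto-resolution thresholds in the table above and the all-sources deletion rule in this section can be evaluated together. The following is an added example written for this page, not Traceable's own code or data model: it is a constructed evaluator that keeps one observation record per source for an issue, reports which scenario (if any) auto-resolves each source's finding, and reports the issue as deleted only when it has been deleted from every source. The record layout, the "deleted" flag on each source, and the function names are assumptions for illustration; the day and scan thresholds are the ones stated in the table.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed model of the auto-resolution table and the deletion rule.
# Thresholds come from the table; the data layout is an illustrative assumption.
LIVE_TRAFFIC = "Live Traffic"
AST = "API Security Testing"
COMPLIANCE = "Compliance"

# Scenario 1: days with no detection since the last occurrence, per source.
INACTIVITY_DAYS = {LIVE_TRAFFIC: 14, AST: 60, COMPLIANCE: 14}
# Scenario 2 applies to AST only: scans after the last observation with no detection.
AST_SCANS_WITHOUT_DETECTION = 15


@dataclass
class SourceObservation:
    source: str
    last_seen: datetime
    scans_since_last_seen: int = 0  # only meaningful for the AST source
    deleted: bool = False           # source-level deletion (assumed flag)


def auto_resolved(obs, now):
    """Return "scenario 1", "scenario 2", or None for one source's finding."""
    if obs.source not in INACTIVITY_DAYS:
        raise ValueError(f"unknown source {obs.source!r}")
    if now - obs.last_seen >= timedelta(days=INACTIVITY_DAYS[obs.source]):
        return "scenario 1"
    if obs.source == AST and obs.scans_since_last_seen >= AST_SCANS_WITHOUT_DETECTION:
        return "scenario 2"
    return None


def evaluate(observations, now):
    """Map each source of an issue to the scenario that auto-resolves it, if any."""
    return {o.source: auto_resolved(o, now) for o in observations}


def issue_deleted(observations):
    """An issue is deleted only once it has been deleted from every one of its sources."""
    return bool(observations) and all(o.deleted for o in observations)


def demo():
    """Constructed issue seen by all three sources, evaluated at a fixed time."""
    now = datetime(2024, 3, 1, tzinfo=timezone.utc)
    obs = [
        SourceObservation(LIVE_TRAFFIC, now - timedelta(days=20)),                       # quiet > 14 days
        SourceObservation(AST, now - timedelta(days=10), scans_since_last_seen=15),      # 15 clean scans
        SourceObservation(COMPLIANCE, now - timedelta(days=13)),                         # still inside 14 days
    ]
    resolution = evaluate(obs, now)
    before = issue_deleted(obs)           # nothing deleted yet
    obs[0].deleted = True
    partial = issue_deleted(obs)          # deleted from one source only: still present
    for o in obs:
        o.deleted = True
    after = issue_deleted(obs)            # deleted from all sources: gone
    return resolution, before, partial, after


if __name__ == "__main__":
    print(demo())
```

Note that auto-resolution is evaluated per source, so an issue can be resolved for Live Traffic while a Compliance finding on the same issue stays open; the 24-hour reflection delay mentioned in the note above is not modelled.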