π¨ Issues
After scanning for issues in the repositories, all the issues that were detected will be displayed on the Issues page. This is a comprehensive list of issues with an in-depth analysis of their severity and impact. This compilation of all the issues that are threats to the organization allows security professionals to have a birds-eye view of the security postures and one place to have all the elements affecting them from reaching the goal of a secure environment.
Issue Management Section
To go to the issue management section, select the Issues tab from the left side panel. The following figure shows an example of the issues section that would get populated when repositories are scanned. Here, all the issues in various repositories are listed with key parameters arranged in a table. A variety of filters are available here to sort the issues according to various factors such as severity, reachability, category, etc. The Export Table option allows you to download the CSV file for all the issues and related parameters. This can be useful for maintaining a local copy of the status of issues for offline use as well as for reference.
With all the filters and a search box, you can surf all the security issues and explore them in detail by clicking on them, which would provide comprehensive details of particular issues as well as a remediation plan.
Recommend Issues Section
Security Issues that are recommended to be solved by Myrror Security are listed here. These security issues are a list of security issues that would have the worst impact as per Myrrorβs calculation, on the organization's security posture. This includes calculating the severity, reachability, exploitability, and whether a fix is available risk factors solved by patching these issues. Hence, this provides the most efficient way to solve the issues and for security professionals to focus solely on the most important issues.
Low-Risk Issues Tab
The Low-Risk section contains a list of all the security issues that have low-security risk and have the least impact on the organizationβs security posture. These are the issues which no matter how severe they are, have no practical impact on the security posture of the application and are not reachable. These issues need to be solved once all the other issues that have more impact and reachable are solved.
Ignored Issues Section
In this section, Myrror lists the issues that one of the organization's users chooses to ignore. Issues that are ignored will not be counted in all the issues counters all over the platform.
Individual Issues Section
Selecting Issues would provide a detailed analysis and report of that issue. The landing page includes its technical parameters, type of security issues, itβs reachability, impact parameters, summary, etc.
The Affected Repository section provides all the repositories and their related manifest files that contain the affected dependency due to the issue.
Selecting the affected repositories will provide more detail on its impact and other parameters.
The remediation plan provides the best possible way to solve the issue as recommended by Myrror Security.
When more information about the issue is available, Myrror will add more sections like code viewers to describe and provide more details on the specific issue instance.
