This functionality is being shown in Preview mode. It is not yet available to customers.
TABLE OF CONTENTS
- Access the Issues screen
- Change how the list of issues is displayed
- Take action on an issue!
This screen allows you to:
- Filter, sort, and group the list of issues in many ways
- Open a Jira ticket on any issue
- Export the list
Access the Issues screen
Change how the list of issues is displayed
The Issues screen provides several options to let you control how the list of issues is displayed.
The list of issues can grouped by either of the following attributes:
- Policies, which you can create in the Aqua Hub Explore screen
- Cloud resource
The list can also be ungrouped; each issue will appear on its own row in the table.
By default, groups appear collapsed, i.e., the items in the group are not shown. To expand a collapsed group, click the down arrow near the group name:
Note: Only one group can be expanded at any given time.
You can use the Search field to enter any text string. The list of issues will show only those whose policy or resource name contains the string you have entered. For example; note the Load 20 More control, which will appear if the list does not include all issues meeting the display options.
The Issues screen includes the following filtering controls. All controls except for resource type allow multiple selection:
- Severity: critical, high, medium, low
- Status: open, in progress (a Jira ticket has been opened), mitigated (e.g., with a vShield), or resolved
- Risks: incident, malware, misconfiguration, vulnerability, sensitive data
- Resource type, grouped by category:
- Compute: VM, container, function (serverless)
- Cloud storage: S3 bucket
- Kubernetes resource: cluster
- Supply Chain: repository, artifact, CI pipeline, container image
- Origin: AWS, Azure, Azure Server, Bitbucket, Bitbucket Server, Docker, GCP, GitHub, GitHub Server, GitLab, GitLab Server
When the list of issues is grouped, the groups can be sorted by either of these criteria:
- Grouped by policy: severity, number of issues, policy name
- Grouped by resource: origin, resource name, total issues
Take action on an issue!
You can open (create) one or more Jira tickets for any issue.
Certain issues can also be fixed with a vShield (Vulnerability Shield) to protect your environment from related vulnerabilities during runtime.
Both of these are considered actions. The Issues screen displays:
- If the display is grouped: the percentage of issues within the group for which an action has been taken
- For each individual issue, whether a ticket and/or a vShield has been created
For example, in the following screenshot: the issues are grouped by policy, and we can see the action status for both groups shown:
- 100% of the total issues (1) in the policy "Malware found in running VMs" are covered by an action. Since this group has been expanded, we a Jira ticket has been opened for the VM whose name is "ip-172-31-94-141.ec2.internal".
- The group "VMs with vulnerabilities that have remote exploits in the wild" includes 2 issues. Although this group has not been expanded, we can see that neither issue has been covered with an action (With Action = 0%).
The UI will show the number of tickets that have been opened for each issue. In the following screenshot:
- The VM named "ip-172-31-94-141.ec2.internal" has 2 total issues; 50% are covered by an action.
- The first resource listed, which is of medium severity, is not covered.
- The second resource, of critical severity, is covered by 3 Jira tickets.
Open a Jira ticket
You need to have configured one or more Jira system integrations to open a Jira ticket.
- Click the Actions drop-down list to the right of the issue of interest, and select Open Ticket:
- In the panel that appears, select the desired Jira system integration, and click Open Ticket:
You can also open a ticket on more than one issue simultaneously. Select the tickets of interest, and use any action menu in the matter described above. For example:
Fix an issue with a vShield
This process is very similar to opening a Jira ticket.
Not all issues can be fixed with vShields. If "Fix with vShield" is greyed out in the action menu (see step 1 below), this action is not available.
- Click the Actions drop-down list to the right of the issue of interest, and select Fix with vShield.
- In the panel that appears, ...
- As with opening Jira tickets, you can take action to fix more than one issue simultaneously.
Did you find it helpful?Send feedback