Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)
Understand vulnerability risk assessment
By clicking on the page icon on the rightmost side of each row, further details of the vulnerability can be accessed. The details provided vary based on the tool that identified the vulnerability.
Standards information
Further information on the industry standards related to the CWE ID of the vulnerability can be found in the Standards tab.
STRIDE risk assessment
The STRIDE section shows you the potential risks associated with each vulnerability. One vulnerability can be associated with multiple risk factors under STRIDE.
The letters in the STRIDE method stand for the following:
- S: Spoofing
- T: Tampering
- R: Repudiation
- I: Information Disclosure
- D: Denial of Service
- E: Elevation of privilege
If the vulnerability carries a risk in one of the categories above, the column is marked with a tick icon.
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center