Issue Details: Extra Info
The Extra Info tab provides the surrounding metadata for the issue, including the affected application, compliance mappings, attack-framework classification, scan details, the policy that triggered the detection, and the severity trend over time.
Use this tab to put the issue in a business and compliance context, understand which framework controls it touches, and see how its severity has evolved.
App Info
Identifies the application affected by the issue and its key attributes.

Business Priority & App
The business priority score and the name of the affected application or repository.
Use this to gauge organizational importance — high-priority apps should be remediated first.
Creation Date
When the application or resource was first created.
Use this to understand the asset's age and likelihood of legacy configuration.
Last Code Change
When the resource was most recently modified.
Use this to see whether the resource is actively maintained — recent changes may be relevant to the finding.
Public Visibility
Whether the application is Public or Private.
Use this to understand exposure — public visibility increases the risk of the finding being abused externally.
Scanned Branch
The branch that was scanned to produce the finding.
Use this to confirm you are remediating in the right branch.
Compliance
Maps the issue to the controls it violates across recognized compliance standards.

Standard
The compliance framework (for example, ISO27001:2022, SOC2, NIST-800-53-Revision-5, PCI_DSS 4.0, PCI_DSS 3.2.1).
Use this to identify which frameworks are impacted by the finding.
Category
The control category within the framework, such as Access Control or Confidentiality.
Use this to understand the type of control that is affected.
Control
The specific control identifier (for example, A.9.2.4, CC6.1, IA-5, 8.3.2).
Use this to reference the exact control when reporting to auditors or compliance teams.
Description
A short description of what the control requires.
Use this to confirm the relevance of the control and to scope remediation appropriately.
OSC&R
Maps the issue to the OSC&R (Open Software Supply Chain Attack Reference) framework, showing which attack tactics and techniques apply.

The horizontal track lists OSC&R tactics — Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection, and so on. A counter next to a tactic (for example, Initial Access (1/1)) indicates how many techniques under that tactic are matched by the issue.
Each matched tactic shows technique cards (for example, T0112: Compromised token) with badges indicating related counts.
Use this section to understand where the issue fits in an attacker's kill chain and to anticipate the next stages of an attack if the issue is exploited.
CWE
Lists the Common Weakness Enumeration entries that classify the underlying weakness (for example, CWE-798: Use of Hard-coded Credentials).

Use this to align the finding with industry-standard weakness definitions, link to external references, and standardize reporting across tools.
More Info
Provides scan and detection metadata for traceability.

Policy Name
The name of the OX policy that produced the detection (for example, Secret in Runtime).
Use this to understand which policy is responsible for the finding.
Rule Id
The specific rule under the policy (for example, base64-github-fine-grained-pat).
Use this to tune detection or build exceptions for the exact rule.
Source tools
The OX source or integration that produced the detection (for example, Cloud Context).
Use this to identify which scanner or data source generated the finding.
Scan ID
The unique identifier of the scan run that produced the finding.
Use this to reproduce, audit, or reference the scan in support requests.
Policy
Describes the policy that triggered the detection and explains why it matters.

The Policy field links to the underlying policy (for example, Secret in Runtime). The "Why Should I Care" section provides a plain-language description of the risk the policy is designed to catch.
Use this section to understand the rationale behind the detection, share context with stakeholders who are unfamiliar with the policy, and decide whether the finding is in scope for your team.
Trend
Shows how the severity of the issue has changed over a selected time window.

The chart plots severity (Info, Low, Medium, High, Critical, Appox) over time. The First Change and Last Change panels on either side describe the earliest and latest severity changes within the selected period — for example, "Severity did not change in the selected period."
Use this section to see whether the issue is escalating, stable, or being actively reprioritized, and to spot patterns across re-detections.
