The Evidence section of the Issue Detail provides the
evidence that Cortex® Xpanse™ uses to attribute and assess the Issue.
section of the
provides the evidence that Cortex® Xpanse™ uses
to attribute and assess the Issue.
section contains the following
field indicates the current status of the Issue. There are two states:
—When an Issue is
a third field indicates when the Issue was last active.
Cloud Management Status
whether the issue is for a
This field displays cloud management
status only if the Unmanaged Cloud module has been set up. If the
Unmanaged Cloud module has not been set up, this field indicates
—Unique identifier for the issue.
This identifier appears in the issue URL.
Review Issue Evidence
—This field indicates the specific type of evidence
that underlies the Issue. There are two primary Issue types:
—This field comes from Cortex Xpanse's scans
of the organization's Assets.
field comes from publicly available information including DNS records,
IP range registration records, content in certificates, and other
internet registration records.
For more information, see Available Issue Policies.
—These are the underlying
Assets associated with the Issue. Click the
title to see all information associated with that
—Clicking this link
will also take you to the corresponding Asset detail page.
the ownership link indicate the reason for attribution. This information
is copied from the Asset information.
Points of Contact
Asset has a point of contact, this information is displayed.
To add an Asset point of contact, click the
and scroll to the
Create new or add
. Assigning contacts to an asset is
critical to expedite Issue investigation and remediation.
Summary and Registration
—If the Issue is attributed to your organization
via an IP range, Cortex Xpanse provides IP registration details.
These details include the name, handle, and date Cortex Xpanse last ingested
registration info for this range. This is followed by the registration
—If the Issue is attributed
to your organization via a certificate, Cortex Xpanse provides certificate
details. These details include subject, issuer, fingerprint, and
—If the Issue is attributed to
your organization via a domain, Cortex Xpanse provides domain details.
These details include the exact domain associated with the Issue,
the attributed or parent domain, and key dates. This is followed
by domain registration details.
—The "business unit"
is the parent organization that owns the asset. This may be your
core company or one of your subsidiaries. A business unit assignment
occurs during the network mapping process. To change the business
unit assigned to a given asset, talk to your Engagement Manager.
—Tags are one of three means to
annotate assets. The other two options are points of contact and