Each Issue has the following standard components. For
more details on each component, see List View and Detail View:
—Combination of the
, such as Insecure TLS, and either a
as dev.acme.com, or an
. Issues on a customer’s
On-premise IP Range include the corresponding IP in the Issue Name.
If the Issue is hosted in the Cloud and attributed via a Domain,
then the corresponding domain appears in the
Issue Names end with the port number. IP and Domain are also available
as separate fields for API usage.
. Cortex Xpanse automatically sets
a priority upon Issue creation. Users can then modify the priority
of an Issue as they see fit. A custom default priority for all new
Issues of a given type can be set on the
Each designation includes different progress status settings, such
—You may assign an Issue to
any Expander user. If the assignee turns on Email Digests, they will
receive all updates to their assigned Issues.
—This is the date that Cortex
Xpanse first identified the Issue.
—Cortex Xpanse bases evidence
on our scan results. The evidence varies with the kind of Asset
and evidence type. Evidence is available in the Issue Detail view
and via the Expander API.
include all associated Assets. There is additional information for
each Asset, including
Cloud Management Status
—An issue's cloud
management status tells you if the asset underlying the issue has
been onboarded into the Prisma Cloud instance(s) that you have connected
to Expander. To connect a Prisma Cloud instance, see Prisma Cloud API Connectors. The
has three possible values:
(the underlying asset is not in Prisma Cloud),
(the underlying asset is in Prisma Cloud), and
(the distinction is not relevant). You can
filter by cloud management status in either the Services UI or API.