Threat & Vulnerability Correlation

Correlation Overview
Visualizing correlations between identified threats and detected vulnerabilities
Unvalidated SQL Query in UserController.java (SAST)
Reflected XSS in search.js (DAST)
Outdated jQuery Library (CVE-2020-11023) (SCA)
Hardcoded API Key in config.js (SAST)
Missing CSRF Protection (DAST)
Weak Password Policy (SAST)
Insecure Cookie Settings (DAST)

SQL Injection (Injection)
Cross-Site Scripting (Injection)
Insecure Direct Object References (Broken Access Control)
Sensitive Data Exposure (Cryptographic Failures)
Broken Authentication (Authentication)

Correlation Types: Direct Impact, Indirect Impact, Related, Mitigated By
Fidelity: High, Medium, Low

Correlation Statistics
Summary of threat and vulnerability correlations
Threats: 12
Vulnerabilities: 28
Correlations: 18

Coverage

Threats with correlations: 75%
Vulnerabilities with correlations: 64%

Correlation Types

Direct Impact: 8
Indirect Impact: 4
Related: 5
Mitigated By: 1

Correlation Fidelity

High: 9
Medium: 6
Low: 3

Top Threats by Correlations

SQL Injection: 4
Broken Authentication: 3
Cross-Site Scripting: 3

Identified Threats: 12

SQL Injection (Injection)
Attacker can inject malicious SQL code via unvalidated user inputs, potentially accessing, modifying, or deleting data in the database.

Cross-Site Scripting (Injection)
Attacker can inject malicious scripts that execute in users' browsers, potentially stealing session tokens or other sensitive information.

Insecure Direct Object References (Broken Access Control)
Attacker can manipulate references to access unauthorized resources or data belonging to other users.

Sensitive Data Exposure (Cryptographic Failures)
Application does not properly protect sensitive data such as financial information, healthcare records, or credentials, allowing attackers to view or steal this data.

Broken Authentication (Authentication)
Flaws in authentication mechanisms allow attackers to assume other users' identities or access sensitive functions and data.