Bug description
When the SLA of a vulnerability is breached it seems like the vulnerability is not count as open anymore, even though it still was not mitigated/handled.
Steps to reproduce
Steps to reproduce the behavior:
Go to a product and see the metrics:
As you can see there are 4 active findings and the metrics also says that they are 4:
Now go to the findings and edit a finding so it breaches the SLA, for example I did this with the "Test" finding, which is still listed in the tabs open findings:
Go back to metrics and you will see only 3 open findings even though the findings tab still show 4 and you have seen before that there are 4 open findings:
Expected behavior
A finding that breached the SLA should still be shown in the metrics as an open finding till it is really inactive/mitigated.
I think the problem here is that you are changing the date of the finding before the date of the test/engagement. It only displays metrics for findings from the start date of the test/engagement.
Bug description When the SLA of a vulnerability is breached it seems like the vulnerability is not count as open anymore, even though it still was not mitigated/handled.
Steps to reproduce Steps to reproduce the behavior:
Expected behavior A finding that breached the SLA should still be shown in the metrics as an open finding till it is really inactive/mitigated.
Deployment method (select with an
X
)Environment information