Recast Rule Details

To view Recast rule details:

  1. On the Recast page, click any recast rule.

    The recast rule details pane appears.

  2. Click the button to expand the pane.

    The name of the pane is determined by the Name field in the recast rule.

The upper part of the recast rule details page contains the following information.

Attribute

Recast Rule Type

Description

Original Severity

Vulnerabilities, Web Applications

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

New Severity

Vulnerabilities, Web Applications

The updated severity defined by the recast rule. Values are Critical, High, Medium, Low, Info.

Key Properties

All

Includes the user that created the rule (Created By), the last time the rule was applied (Last Applied), and the number of findings that matched the Criteria query (# of Matches).
Compliance Result Host Audits

The result for each item in a configuration audit. A Passed result means that the control or recommendation that was being tested passed the test. A Failed result means that the control or recommendation that was being tested did not pass the test. A Warning result means that the control or recommendation that was being tested was not testable through automation, required human intervention/review, or an error occurred.

The lower part of the recast rule details page is divided into tabs. The information on these tabs depends on the type of recast rule for which you are viewing details.

Tab

Description
Summary

A description of the corresponding vulnerability.

  • Criteria shows the query that is in the Criteria column.

  • Details shows fields that were populated when the rule was added. See Add Recast Rules for more information.

  • Description is optionally shown if the Description box was populated for this rule.

  • Host Audits Information shows the associated Audit File, Audit Name, Original Result, and Updated Result for Host Audits Change Results.

  • Original Risk Information shows the CVSSv2, CVSSv3, CVSSv4, or VPR Base Scores and Vectors.
Assets A table listing the assets captured by the Criteria query.

Findings

A table listing the findings captured by the Criteria query.
Related Rules

For Vulnerabilities and Web Applications, rules are related if they match one or more of these conditions:

  • They have a common clause in the Criteria query.

  • They affect the same Plugin ID.

  • They have at least one common finding that is matched by the rules (the rule that ran last will be the one updating the finding's severity).

For Host Audits, rules are related if they share an Audit File or Audit Name.