Skip to content

Issue and Instance fundamentals

When you upload a trace, AQtive Guard evaluates the discovered cryptography against the rule settings in the selected profile. Each time we assess an occurrence of a rule, the results are recorded as an Instance within the corresponding Issue. Consequently, an Issue may contain multiple Instances.

Example

  1. An analysis Profile contains settings for rule 63. Invalid certificate.
  2. Each time a certificate is discovered:
    • it is assessed against the Profile.
    • the results are logged as an Instance of rule 63.
  3. All of the evaluated Instances are accrued within the Issue for rule 63.

Issue and Instance status

During discovery and analysis, Issues are categorized according to the status of their Instances.

  • Failed:
    • Instance - a cryptographic element did not meet profile settings for the evaluated rule.
    • Issue - one or more Instances of the evaluated rule failed to meet its profile settings.
  • Passed:
    • Instance - a cryptographic element met profile settings.
    • Issue - every Instance of the evaluated rule met its profile settings.
  • Disabled - the rule was turned off in the profile settings.
  • Filtered - all Instances of the rule were excluded by Exceptions settings.
  • N/A - no Instances of the rule were discovered.

Failed Instance severity

When an Instance fails the analysis, the Profile rule settings determine its severity:

  • High (red)
  • Medium (orange)
  • Low (yellow)

Failed Issue Status

The status of a failed Issue reflects the most severe instance of its rule, regardless of the total number of instances logged.

Example

  1. An analysis reported 6 Instances of the Issue: Key is a fixed string of all 0s.
  2. Of the 6 Instances:
    • 1 instance failed with High severity
    • 5 instances passed
  3. The Issue is reported as High severity, reflecting the single high-severity instance.

Viewing Issues and Instances

To view issues, navigate to the Projects tab, the project Overview, or Reports. Here, you can select an Issue to view the number of Instances discovered and the status of each Instance.

Depending on the type of analysis, selecting an instance can provide additional information, such as:

  • Operations
  • Calls
  • Code locations
  • Free form details
  • Remediation details

Note

If two instances have the same four stack traces at the top of the stack and share the same type and algorithm, they’ll be merged in the analysis.

For more details on how issues and instances work and are used in AQtive Guard, refer to Report fundamentals and Exception fundamentals.