At least five organizations had findings reported by Machine without associated vulnerabilities (from UTC-5 23-08-11 12:09 to 23-08-31 18:52: 26.7 days, time to recover). The incident was detected reactively (at UTC-5 23-08-14 12:03: 3 days, time to detect) by a user who found a finding with no vulnerabilities and reported it to our support team [1].
The error originated because some OpenSearch services exceeded their capacity limit, resulting in data processing and synchronization errors in DynamoDB during the update of the indexes of the lines of code to be reviewed. As a result, Machine was able to detect vulnerabilities and generate the findings, but could not determine which lines of code those findings should be associated with for reporting.
We adjusted the OpenSearch configuration to improve its performance by increasing the size of the machines associated with the service. In addition, we modified the continuous implementation of a worker in charge of processing DynamoDB streams [2]. We will be monitoring the behavior of the service in the coming days to evaluate the results of these modifications.
Two issues were opened in order to avoid this type of failure in the future [3][4].
No tests are available for this type of flow. IMPOSSIBLE_TO_TEST