Inconsistent number of typologies displayed in group view
Incident Report for Fluid Attacks
Postmortem

Impact

In at least one group, an inconsistent count of vulnerability typologies was observed in the group view (UTC-05 22-12-06 18:57 to 23-09-15 13:02: 9.3 months -time to recover-). The incident was detected reactively (at UTC-5 23-09-14 17:54: 9.3 months -time to detect-) by a user who reported through our help desk [1] that when entering the group view he saw that the "Vulnerabilities" column of one of his groups had the value `2 Types Found, however when entering the group there was only one vulnerability and therefore only one typology.

Cause

It was identified that the findings used to calculate the indicator in the group view were stored in a table whose data is updated through a scheduled task that runs daily at UTC-5 09:00 and UTC-5 18:00 [2], so at the time the user logged into the platform the actual number of vulnerabilities had changed but the indicator had not yet been updated.

Solution

The indicator was updated automatically so that shortly after UTC-5 18:00 the correct values could be seen. However, to avoid a repeat of the inconsistency, the field was modified so that the findings are now taken from a table with real-time data [3].

Conclusion

The indicator was inconsistent as it was being taken from a table with a periodic update instead of real-time, this was not detected by tests as an anomaly because it was the normal behavior, however, the tests were updated to prevent a similar situation from happening again. MISSING_TEST

Posted Sep 15, 2023 - 18:14 GMT-05:00
Resolved
The typology count has been updated and the correct quantities can now be seen.
Posted Sep 15, 2023 - 13:02 GMT-05:00
Identified
Situations with a number of typologies shown in the group view are different from the actual number of typologies.
Posted Sep 14, 2023 - 17:54 GMT-05:00
This incident affected: Platform.
Current Status Powered by Atlassian Statuspage