Inconsistent number of typologies displayed in group view
Incident Report for Fluid Attacks
Postmortem

Impact

In at least one group, an inconsistent count of vulnerability typologies was observed in the group view. The issue started on UTC-5 22-12-05 18:57 and was reactively discovered 9.4 months (TTD) later by a user who reported through our help desk [1] that upon entering the group view, the "Vulnerabilities" column displayed 2 Types Found, while only one vulnerability and typology were present within the group. The problem was resolved in 19.2 hours (TTF) resulting in a total impact of 9.4 months (TTR).

Cause

It was identified that the findings used to calculate the indicator in the group view were stored in a table updated through a scheduled task running daily at UTC-5 09:00 and UTC-5 18:00 [2]. Consequently, at the time the user accessed the platform, the actual number of vulnerabilities had changed, but the indicator had not yet been updated to reflect this change.

Solution

The indicator was automatically updated shortly after UTC-5 18:00, to display the correct values. Additionally, to prevent future inconsistencies, the field was modified to source findings from a table with real-time data [3].

Conclusion

The inconsistency in the indicator stemmed from its reliance on a table with periodic updates rather than real-time data. Tests did not flag this behavior as anomalous, since it was considered normal. However, the tests have since been updated to prevent a recurrence of this issue. MISSING_TEST

Posted Sep 15, 2023 - 18:14 GMT-05:00
Resolved
The typology count has been updated and the correct quantities can now be seen.
Posted Sep 15, 2023 - 13:02 GMT-05:00
Identified
Situations with a number of typologies shown in the group view are different from the actual number of typologies.
Posted Sep 14, 2023 - 17:54 GMT-05:00
This incident affected: Platform.
Current Status Powered by Atlassian Statuspage