Skip to main content

Mini Map

After a project is scanned, multiple vulnerabilities might be detected. The Mini Map, a small panel with a simple graphic display of the result flow, is provided to help you understand the impact of these vulnerabilities on the microservices. The Mini Map is located on the Vulnerability page.

To view results using the Mini Map

  • Click a vulnerability in a service that is part of a service flow, for example when you click the Blind_SQL_Injection vulnerability, encountered in the bank_storage_new service as illustrated below...

    MiniMap_1.png

    ...the Vulnerability page opens with the Mini Map panel at the right side of the page, as shown below.

    MiniMap_2.png

For convenience, the Mini Map can be collapsed like this:

MiniMap_3.png

Using the Mini Map, you can navigate among the following:

MiniMap_4.png

If a vulnerability is part of a service flow, the Mini Map displays flows. If it is not part of a service flow, the Mini Map displays No Data as illustrated below.

Note

For IAST v3.10 and later, when Flows w/o Inputs :flows: is enabled, result flows that do not impact the services are filtered out to avoid crowding the user interface.

Navigating among result flows

Using the pagination at the bottom of Mini Map, you can navigate between different API/result/vulnerability flows that are part of a service flow which contain the selected vulnerability.

For example, the following two Mini Maps show you the same selected vulnerability, but after paging through different flows:

MiniMap_5.png
MiniMap_6.png

If you selected an SQL_Injection block in the Mini Map and you page through the different flows, it would be similar to going to the Result Flows page and only examining the flows with SQL_Injection vulnerabilities, as illustrated below.

MiniMap_7.png

Navigating among Service Flows

  1. Click Select Service Flow at the top of the Mini Map. A popup, similar to the following, appears with the available service flows that contain the selected vulnerability.

  2. Select the flow that you want to examine.

MiniMap_8.png

Whenever you select a different flow in the Service Flows popup, the Mini Map reflects the changes in the selected service flow, showing the selected vulnerability and, if relevant, a flow of a different length. For example, the following Mini Maps show different service flow lengths:

MiniMap_9.png
MiniMap_10.png

Navigating among Vulnerabilities across Different Services

On the Mini Map, click the service block labeled with the desired vulnerability, for example SSRF. The Vulnerability page displays information about the selected vulnerability.

MiniMap_11.png

Clicking on a different block, such as the bottom block labeled SQL Injection in the above screenshot, will open a different Vulnerability page, such as the one illustrated below.

MiniMap_12.png