Issue Lifecycle
Issue Lifecycle
Every issue in FortWatch follows a defined lifecycle from creation to resolution. Understanding this lifecycle helps you manage your security workflow effectively.
Issue Statuses
- Open — The issue has been identified and needs attention. This is the default status when an issue is created.
- In Progress — Someone is actively working on resolving the issue.
- Resolved — The issue has been fixed. If a subsequent scan still detects the same vulnerability, the issue will be reopened.
- Dismissed — The issue has been acknowledged but intentionally set aside. See the Dismissing Issues article for details.
Automatic Issue Creation
Issues are automatically created when:
- A scan produces a finding with Critical or High severity.
- No existing open or in-progress issue matches the same vulnerability type and asset.
This ensures critical and high-severity findings always have a tracked action item without requiring manual intervention.
Working an Issue
A typical issue workflow looks like this:
- Review — Read the issue details, including the underlying finding, severity, and affected assets.
- Analyze — Use AI Analysis to get remediation guidance and understand the risk.
- Fix — Apply the recommended remediation steps on your infrastructure.
- Rescan — Run a manual scan to verify the fix. If the vulnerability is no longer detected, the finding will not appear in the new scan results.
- Resolve — Mark the issue as resolved.
Issue Reopening
If a resolved issue's underlying vulnerability is detected again in a subsequent scan, FortWatch will automatically reopen the issue. This prevents resolved issues from silently regressing.
Multi-Asset Issues
A single issue can be linked to multiple assets if the same vulnerability is found across several targets. The issue will show all affected assets, and resolving it implies the fix has been applied everywhere.