Understand the secrets issues table - Administrator Guide - Cortex Cloud Posture Management - Cortex CLOUD

Cortex Cloud Runtime Security Documentation

Product: Cortex Cloud Application Security > Cortex CLOUD
License: Cloud Runtime Security
Creation date: 2024-12-24
Last date published: 2026-06-10
Category: Administrator Guide

The secrets issues table provides a consolidated view of all secrets issues. Each row represents an issue created when a scanner finding matches a unified policy, linking the exposed secret to a specific detection rule, file, repository, and the policy that triggered the issue.

Visible columns (default)

| Property | Description |
|---|---|
| Severity | The severity level assigned to the secrets issue: Critical, High, Medium, Low, Informational, or Unknown. Severity is determined by the detection rule and may be overridden by a matched unified policy |
| Name | The descriptive name of the secrets issue (such as AWS access key detected in code). The Name column serves as the primary identifier for the issue |
| File Path | The path to the source code file containing the exposed secret, including the affected line range (such as /config/settings.py (42-42)) |
| Branch | The repository branch where the secret was detected (such as main) |
| Created | The timestamp when the issue was first detected |
| Secret Type | The classification of the detected secret (such as AWS Access Key, GitHub Token, Stripe API Key, Slack Bot Token) |
| Prioritization Labels | Contextual labels that indicate risk-amplifying factors such as repository visibility, validation status, or application criticality |

Hidden columns (available via column picker)

| Property | Description |
|---|---|
| Data Source | The VCS provider where the repository is hosted (GitHub, GitLab, Bitbucket, Azure DevOps, and variants) |
| Last Updated | The timestamp of the most recent update to the issue |
| Alert Description | A detailed description of the exposed secret and the recommended remediation steps |
| Asset ID | The internal identifier of the secrets asset |
| Detection Method | The scanner that detected the secret (CAS_SECRET_SCANNER) |
| Alert Source | The originating scanner source |
| Git User | The Git author associated with the commit that introduced the secret |
| Finding ID | The unique identifier of the underlying finding |
| Issue ID | The internal issue identifier used for API operations and cross-referencing |
| Manual Fix Suggestion | The recommended manual remediation steps, including secret revocation and rotation guidance |
| Rule ID | The detection rule identifier (such as APPSEC_SECRET_166, APPSEC_SECRET_180, APPSEC_SECRET_226) |
| Code Lines | The specific line range within the file where the exposed secret occurs |
| Domain Provider | The cloud provider domain associated with the secret |
| Code Block | The source code snippet containing the exposed secret |
| Code Highlights | The specific lines within the code block that are flagged |
| Domain | The security domain classification (such as POSTURE) |
| Assignee | The user assigned to remediate the issue |
| Assignee Name | The display name of the assigned user |
| Resolution Status | The current resolution state: New, In Progress, or Resolved |
| Resolution Comment | The comment provided when the resolution status was changed |
| Original Severity | The severity assigned by the detection rule before any policy override |
| Provider Link | A direct link to the file in the VCS provider |
| Secret Validation | The validation status of the detected secret - see Secrets validation below for more details |
| Rule ID Link | A link to the detection rule documentation |
| Finding Category | The category classification of the finding (such as Application Security) |
| Subcategory | The subcategory classification of the finding |
| Tags | User-defined or system-generated tags applied to the issue |

Filter and sort the table

Use the filter bar at the top of the Secrets table to narrow results by any filterable column. Common filtering strategies include:

  • By severity: Filter to Critical and High severity to focus on the most impactful secrets exposures.

  • By secret type: Filter to a specific secret type (such as AWS Access Key) to scope remediation to a single credential category.

  • By branch: Filter to the main or production branch to focus on secrets that affect production-bound code.

  • By resolution status: Filter to New to identify untriaged secrets issues, or to In Progress to monitor active remediation.

  • By secret validation: Filter to Valid or Privileged to identify confirmed active credentials that require immediate revocation.

Secrets validation

You can filter secrets based on their validation status. Options include:

  • Valid: The secret has been verified as active and functional

  • Invalid: The secret has been verified as no longer active or functional

  • Privileged: The secret is valid and provides access to sensitive resources or functions

  • No Validation: Validation was not attempted because the secret type or source does not support verification

  • Unavailable: Validation could not be performed because the secret source was inaccessible or the required permissions were missing
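
The filtering strategies and validation states above, combined into one triage pass. This is an added example, not Cortex Cloud code: it assumes the table rows are available as dictionaries keyed by the column names on this page (a hypothetical export shape), and ranking Privileged ahead of Valid is an assumption of the example. The sample rows are constructed.

```python
import re

# Severity order as listed for the Severity column (most to least urgent).
SEVERITY_ORDER = ["Critical", "High", "Medium", "Low", "Informational", "Unknown"]
# Validation states that mean the credential is confirmed active.
ACTIVE = {"Valid", "Privileged"}
# Matches the File Path format shown in the table, e.g. "/config/settings.py (42-42)".
FILE_PATH_RE = re.compile(r"^(?P<path>.+?)\s*\((?P<start>\d+)-(?P<end>\d+)\)$")

def parse_file_path(value):
    """Split a File Path cell into (path, start_line, end_line)."""
    m = FILE_PATH_RE.match(value.strip())
    if not m:
        return value.strip(), None, None  # no line range present
    return m["path"], int(m["start"]), int(m["end"])

def triage(rows, branches=("main",)):
    """Return unresolved, confirmed-active secrets on the given branches,
    Privileged before Valid (assumed ordering), then by severity."""
    def rank(row):
        sev = row.get("Severity", "Unknown")
        sev_rank = SEVERITY_ORDER.index(sev) if sev in SEVERITY_ORDER else len(SEVERITY_ORDER)
        return (row["Secret Validation"] != "Privileged", sev_rank)

    picked = [
        r for r in rows
        if r.get("Secret Validation") in ACTIVE
        and r.get("Resolution Status") in {"New", "In Progress"}
        and r.get("Branch") in branches
    ]
    return sorted(picked, key=rank)

# Constructed sample rows (not real findings); keys mirror the column names above.
SAMPLE_ROWS = [
    {"Name": "AWS access key detected in code", "Severity": "High", "Branch": "main",
     "File Path": "/config/settings.py (42-42)", "Secret Validation": "Valid",
     "Resolution Status": "New"},
    {"Name": "Slack Bot Token detected in code", "Severity": "Medium", "Branch": "main",
     "File Path": "/bot/app.py (7-9)", "Secret Validation": "Privileged",
     "Resolution Status": "In Progress"},
    {"Name": "Stripe API Key detected in code", "Severity": "Critical", "Branch": "main",
     "File Path": "/pay/keys.env (1-1)", "Secret Validation": "Invalid",
     "Resolution Status": "New"},
    {"Name": "GitHub Token detected in code", "Severity": "Critical", "Branch": "dev",
     "File Path": "/ci/deploy.sh (3-3)", "Secret Validation": "Valid",
     "Resolution Status": "New"},
]
```

Calling `triage(SAMPLE_ROWS)` drops the Invalid Stripe key and the dev-branch GitHub token, leaving the Privileged Slack token ahead of the Valid AWS key even though its severity is lower.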