Report Classification

Overview

Fortworx automatically classifies inbound emails into two types: Vulnerability reports and Enquiry (security questionnaires). This classification determines how the report is handled and what workflows are available.

Report Types

Vulnerability

A vulnerability report describes a security issue found in your application or infrastructure. These reports go through the standard vulnerability handling workflow: triage, investigation, resolution, and optional bounty.

Enquiry

An enquiry is a security questionnaire or compliance request — for example, a SOC2 questionnaire or a customer asking about your security practices. Enquiries are detected automatically and can be handled with a different workflow than vulnerability reports.

How Classification Works

When an email arrives at your workspace, Fort AI analyzes the content and classifies it as either a vulnerability report or an enquiry. The classification appears as a badge on the report.

Manual Reclassification

If Fort AI misclassifies a report, you can manually change its type from the report detail page using the classification panel. For example, if a security questionnaire is mistakenly classified as a vulnerability, you can reclassify it as an enquiry.