
Findings

Findings represent vulnerabilities identified during target scans. You can analyze findings and take action on them. To help you decide what to do, each finding comes with contextual information:

  • A classification of the severity level.
  • A description of the identified vulnerability.
  • The evidence of the vulnerability.
  • The executed requests and the obtained responses.
  • A suggestion on how to fix the vulnerability.

Learn more about findings in these articles:

Functionality

The endpoints under Findings provide the following functionality:

  • Account Level

    • List findings of the account, i.e., findings of all targets of the account.
    • Retrieve a finding of the account.
    • Update findings of the account, one by one or in bulk.
    • Re-test findings of the account in bulk.
  • Target Level

    • List findings of a target.
    • Retrieve findings of a target.
    • Update findings of the target, one by one or in bulk.
    • Re-test findings of a target, one by one or in bulk.
    • List the activity of a finding of a target.

Important Notes

Some relevant information when using Findings:

  • Findings are only created for vulnerabilities not identified in previous scans.
  • If a vulnerability was identified in a previous scan, subsequent scans that identify it again simply update the respective finding.
  • If a scan can no longer identify a vulnerability, the respective finding is marked as Fixed.
  • In a re-test, if the identified vulnerability is not replicated, the finding is marked as Fixed.

Further functionality related to Findings is provided in the following tags:

  • Targets - Start target scans.
  • Scans - Manage target scans.
  • Reports - Produce reports on findings from target scans.
  • Vulnerabilities - List and retrieve vulnerability definitions.