Findings Search Fields Ingrid Compatible fields when searching findings: Field Description Supported Risk Vectors Application Name The name of the mobile application. Mobile Application Security App Version The version of the mobile application analyzed in this finding. Mobile Application Security Browser The family of the browser detected. Desktop Software Browser Grade Grade based on the support status of the detected browser version. Desktop Software Browser Support Whether the detected browser is supported or unsupported. Desktop Software Browser Version The version of the browser detected. Desktop Software Certificate Issuer The certificate authority that issued this certificate. TLS/SSL Certificates TLS/SSL Configurations Certificate Serial Number The serial number of this certificate in decimal format. This can be used for internal investigation. TLS/SSL Certificates TLS/SSL Configurations CVSS Score The severity of the vulnerability, on a scale of 0.1 (better) to 10.0 (worst). Mobile Application Security Details Information about the nature of the finding. All risk vectors. Compromised Systems, User Behavior, and Web App Header risk vectors are not yet searchable. Use the Infection Family and Category filters to get the most relevant information regarding the Compromised Systems and User Behavior risk vectors. Detection Mechanism This method was used to detect the infection. Compromised Systems Destination Port The number of the destination port identified in the finding. In Compromised Systems, this is the port that the compromised device reached out to. In Open Ports, it is the port associated with the service observed. Compromised Systems Open Ports Diffie-Hellman Prime Name Named Diffie-Hellman primes are published values, sourced from software libraries or other publications, used during key exchange. TLS/SSL Configurations Domain The domain of the organization that published the mobile application described in the finding. Mobile Application Security Email Subject An email with this subject was sent from the company's network, indicating a compromised mail server or email account. Compromised Systems Observed Devices Number of observed devices with the Operating System and Browser (based on visible web activity). Desktop Software Mobile Software Final Location URL where headers were observed. TLS/SSL Certificate Findings TLS/SSL Configuration Findings Open Port Findings Web Application Headers Finding Identifier The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding. All risk vectors. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings. GeoIP Location Country where the IP address involved in this event resides. Compromised Systems Grade The finding grade. Diligence risk vectors. Malware Type Basic information specific to the type of event. Compromised System risk vectors. Number of Scans Observed IP IP addresses where the certificate was seen, on the most recent day. TLS/SSL Certificates TLS/SSL Configurations OS The family of the detected operating system. Desktop Software OS Version The version of the operating system detected. Desktop Software OS Grade Grade based on the support status of the detected OS version. Desktop Software OS Support Whether the detected operating system is supported or unsupported. Desktop Software Ports Product The product or service observed on this port. Open Ports Risk Vector Name of the finding's Risk Vector. All risk vectors. Server Name The domain name of the affected server. It is known to be a command and control server, sinkhole, or is hosting adware. Compromised System risk vectors. Server Type The type of server software using this port. Server Software Server Version The version of the server software detected. Server Software Spam Type The method or tool used to send spam. Spam Propagation Source Port A compromised device was observed sending traffic from this port. Compromised System risk vectors. Transport Method The transport protocol (TCP or UDP) for this open port. Open Ports Trusted Proxy Address Botnet communication can be captured from a Trusted traffic redirection Proxy, containing XFF details on the original source IP address. Compromised System risk vectors. User Agent Malware can use the User Agent HTTP header to transmit information about itself or the compromised system to command and control servers. Compromised System risk vectors. Vulnerability Name of the vulnerability. Patching Cadence August 28, 2025: Observed devices. May 29, 2024: Certificate Serial Number replaces Finding Identifier as the TLS/SSL Certificates finding identifier. October 2, 2023: Added new supported risk vectors to the Final Location field. May 16, 2023: Published. Related articles Compromised System Findings Finding Behavior Finding Severity A Guide to Navigating and Prioritizing Bitsight Risk Categories & Risk Vectors Risk Categories: Overview Feedback 0 comments Please sign in to leave a comment.