Insecure System Findings Ingrid ⇤ Diligence Findings The Insecure Systems risk vector assesses endpoints (which can be any computer, server, device, system, or appliance with internet access) that are communicating with an unintended destination. The software of these endpoints may be outdated, tampered, or misconfigured. A system is classified as “insecure” when these endpoints try to communicate with a web domain that doesn’t yet exist or isn’t registered to anyone. Navigation Options SPM App: Findings ➔ Findings Table CM App: Select a company from your Companies List. Go to Vendor Risk ➔ Findings Insurance App: Select a company from your Companies List. Go to Client Risk ➔ Findings Bitsight API: GET /v1/companies/company_guid/findings?risk_vector=insecure_systems Finding Details The details include the data in Findings, Diligence details, and also the following information: Field Description Event Detail A summary of the finding. Path Info The URL path. Risks A description of the risks involved with the system. Server Name The domain name of the affected server. It is known to be a command and control server, sinkhole, or is hosting adware. Severity Level Finding severity, which is a measurement of the amount of risk that the finding introduces. Source IP The source IP address. Source Port The source port number. User-Agent The user’s browser details. October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu. April 8, 2021: Published. Related articles Insecure Systems Risk Vector Diligence Findings Rating Types Types of Insecure Systems Finding Behavior Feedback 0 comments Please sign in to leave a comment.