Findings: Findings Table Ingrid The Findings Table [ Findings ➔ Findings Table] in the Security Posture Management application presents findings, which are the culmination of observed internet traffic and configurations. They are recorded as events and records. Findings are presented in a table view that provides a single place to sort, filter, analyze, comment on, track your remediation efforts, and export the findings.Findings are reported in Coordinated Universal Time (UTC).Bitsight API: GET /v1/companies/entity_guid/findings Finding Details Sheet & Tabs Actions Default Fields Risk Vector Fields Finding Details Sheet & TabsSelect a finding in the table to view the Finding Details sheet. It contains the following tabs: Details Attributed To Evidence History Actions“User assignment not allowed outside access group” error message Assign a User for Issue Tracking Instructions: Select Update Status to the right of a finding in the table to select it. Select the Edit option for Assigned To. Use the Select Users dropdown to select users to remediate the finding. If the company belongs to an Access Control Group, the assignee must also belong to the same group. Select Save. Bulk Actions The following bulk actions are available: Update Status: Assign users to remediate the finding. Leave a finding comment. Update remediation status. Rescan: Request a user-requested rescan. Instructions: Check up to 250 checkboxes next to a finding to select findings. Select the Bulk Action button at the top of the table. Change the Remediation Status Update the remediation status for Issue Tracking. Remediation status can only be changed by a user. See permissions. Instructions: Select Update Status to the right of a finding in the table to select it. Select the Edit option for Remediation Status. Use the Select Status dropdown to update the remediation status. See statuses. Select Save. Company Notes Add/view notes. Instructions: Select Actions ➔ Add/View Notes at the top-right of the Findings Table. Finding Comments Comment on the finding (finding comments). Instructions: Select the Comment option at the right of the finding in the table. Select the checkbox next to a finding, then select the Update Status button at the top of the table. Customize the Data Customize the data in the table. Use the Customize columns button at the top-right. This allows you to select the fields that are displayed in the Findings Table. Download Findings Data Download the findings table (.csv). Instructions: Use the Download button at the top-right. If the .csv contains 9000 or fewer rows of data, the download begins immediately. If the .csv contains greater than 9000 and less than 100,000 rows of data, the download runs asynchronously. When the download is ready, the user who requested it is notified with an email and a notification. Filter Instructions: Select the Filter button to expand or collapse the filters and then use a filter set or any of the available filters. See Findings Table filters. Use the Impacts RV Grade filter to see only findings that impact the risk vector grade. See omitted findings. Generate Reports The reports include: Executive Report Download Company Report Company Preview Report NIST CSF Report ISO/IEC 27001 Report Instructions: Select Reports at the top-right of the Findings Table. Highlight the Primary Rating Highlight the selected company as the primary. Instructions: Select the Actions dropdown at the top-right of the Findings Table. Select Configure Primary Rating. Select an available self-published rating. Select Save Changes. See Infrastructure user permissions. Request a Finding Rescan Request a finding rescan. Instructions: Select the Rescan option at the right of the finding in the table. Select the checkbox next to a finding, then select the Rescan button at the top of the table. Search Findings Instructions: Do a text search using the search bar at the top-right. Text with matches are highlighted. See search fields. View the Service Providers Sheet Instructions: Select Actions ➔ Service Providers at the top-right of the Findings Table. View the Products Sheet Instructions: Select Actions ➔ Products at the top-right of the Findings Table. Tag Assets Instructions: Select a finding to open the Finding Details sheet. Select the Tag Asset button in the Tags column of an asset in the Assets section of the sheet. Default FieldsThe following fields appear in the Findings Table by default. You can customize the table to include fields with finding details for specific risk vectors. Asset Importance The asset importance assigned to the asset associated with the finding. Assets The assets associated with the finding. An asset can be an IP Address, CIDR block, domain, or application. Assigned To The user assigned to be responsible for remediating the selected finding. See instructions for assigning users. Findings can be assigned only to users in your own Access Control Group. Attributed To The parent company and any subsidiaries the finding is attributed to. Comments Comments left on the finding. Country The country where the asset associated with the finding is located. [Date] First Seen The date when the finding was first observed. [Date] Last Seen The date when the finding was last observed. Details Details about the finding. Select the text for a more detailed explanation. Finding Identifier The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding. Refer to the Certificate Serial Number to identify TLS/SSL Certificate findings. Finding Severity The severity of the finding. Grace Period End Date The date the grace period for the infrastructure ends. Grade The current finding grade. Rescan The status of a user-requested finding rescan. See rescan statuses. The current status persists until a user requests a new rescan on the finding. The rescan status does not show the status of automated scans. Automated scans may update findings with new information that a user-requested rescan was not able to update. Finding rescan is available for select Diligence risk vectors. See the compatible risk vectors and rescan duration. Remaining Lifetime The remaining finding lifetime in days. Remediation Status Your current progress on remediating findings. See remediation statuses. Similar to finding comments and infrastructure tags, Remediation status does not apply across all companies in your ratings tree. Risk Vector The Bitsight risk vector. Status Updated The date when the Remediation Status or Assigned To fields were last changed. Tags Infrastructure tags assigned to this company. Blue tag = The tag is applied to a single IP. Gray tag = The tag is applied to the entire CIDR block. Impacts Risk Vector Grade Indicates whether a finding impacts the associated risk vector grade. Risk Vector FieldsThe finding details in the table vary depending on the risk vector. See details for: Compromised Systems Findings Botnet Infections Spam Propagation Malware Servers Unsolicited Communications Potentially Exploited Diligence SPF Domains DKIM Records TLS/SSL Certificates TLS/SSL Configurations Open Ports Web Application Headers Patching Cadence Insecure Systems Server Software Desktop Software Mobile Software DNSSEC Mobile Application Security Web Application Security Domain Squatting File Sharing (User Behavior Forensics) Public Disclosures March 25, 2026: Security Posture Management rebrand. September 9, 2025: Removed IPs to be remediated. August 29, 2025: Added IPs to be remediated. July 18, 2025: Policy for assigning users for findings in an Access Control Group. June 24, 2025: History tab. February 21, 2025: Grace Period End Date field. Related articles TLS/SSL Finding Remediation & Remediation Verification Remediation Status Verifying That a Finding Is Remediated Requesting a Rescan Setting a DMARC Policy Feedback 0 comments Please sign in to leave a comment.