- October 18, 2021: Added customizable columns.
- April 8, 2021: Added fields and their descriptions.
The Open Ports risk vector observes ports that are exposed to the Internet. While certain ports must be open to support normal business functions and few companies will actually have no ports open, the fewer ports that are exposed to the Internet, the fewer openings there are for attack.
View findings from the Findings page or the Bitsight API.
If you have several Network Address Translation (NAT) and Port Address Translation (PAT) zones among your findings, the source port for the IP address can help find the actual hosts.
Port numbers are often available with the Forensics add-on package. If you do not have Forensics, please contact your sales representative.
Finding Details
The details include the data in Findings, Diligence details, and also the following information:
| Field | Description |
|---|---|
| Destination Port❖ | The number of the destination port identified in the finding. In Open Ports, it is the port associated with the service observed. |
| Details | Details about the finding. |
| Issue | A summary of the finding. |
| Product❖ | The product or service observed on the port. |
| Remediation Instructions❖ | How to resolve a negative finding. See how to verify that an Open Port finding has been remediated. |
| Server | The type of server using the port. |
| Status | The status code that indicates if the server was able to process the request sent by the client. |
| Title | The title of the webpage. |
| Transport Method❖ | The transmission protocol (TCP or UDP) used in the connection. |
❖ This field can be included in the table from the Customize Columns option.