Open Port Findings Ingrid ⇤ Diligence Findings The Open Ports risk vector observes ports that are exposed to the Internet. While certain ports must be open to support normal business functions and few companies will actually have no ports open, the fewer ports that are exposed to the Internet, the fewer openings there are for attack. Navigation Options SPM App: Findings ➔ Findings Table CM App: Select a company from your Companies List. Go to Vendor Risk ➔ Findings Insurance App: Select a company from your Companies List. Go to Client Risk ➔ Findings Bitsight API: GET /v1/companies/entity_guid/findings?risk_vector=open_ports If you have several Network Address Translation (NAT) and Port Address Translation (PAT) zones among your findings, the source port for the IP address can help find the actual hosts. Finding Details The details include the data in Findings, Diligence details, and also the following information: Field Description ❖ Destination Port The number of the destination port identified in the finding. In Open Ports, it is the port associated with the service observed. Details Details about the finding. ❖ Final Location URL where headers were observed. Issue A summary of the finding. ❖ Product The product or service observed on the port. ❖Remediation Instructions How to resolve a negative finding. See how to verify that an Open Port finding has been remediated. Server The type of server using the port. Status The status code that indicates if the server was able to process the request sent by the client. Title The title of the webpage. ❖ Transport Method The transmission protocol (TCP or UDP) used in the connection. ❖ This field can be included in the table from the Customize Columns option. October 28, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu. January 18, 2024: Findings Table navigation by application. October 2, 2023: Added Final Location customizable column. Related articles Open Ports Risk Vector Open Port Finding Messages: Detected Services Remediation Verification: Open Ports Diligence Findings How is the Open Ports Risk Vector Assessed? Feedback 0 comments Please sign in to leave a comment.