Diligence Report Jessica ⇤ Reports Overview This report shows Diligence event details, including evidence, grade, start date, end date, and risk vector specific information. Generating this Report Open the Reports page in the SPM app. Locate the Diligence card. Mouseover the card and select Create. Select the checkbox to indicate whether or not to limit the report to events that impact risk vector grades. Select a company from the list. You can use the available filters or the search field to quickly find a specific company. Select risk vectors or tags to include in the report. Select View to generate the report. Once generated, you can edit, save, schedule, or download the report. You must download this report to view it. If you select multiple risk vectors while creating the report, a report is generated for each risk vector as a separate .csv file. The group of .csv files is downloaded in a .zip folder. Reading this Report This report generates a .csv of event details for each risk vector selected. All Diligence reports include the following columns: Column Name Description Risk Vector The risk vector associated with the event. First Seen The date of the first observation. Last Seen The date of the most recent observation. Host The host IP where the event was observed. Impacts Grade Indicates whether the event impacts the risk vector grade. Grade The risk vector grade assigned to the event. Details Details of the event. Remediation Instructions The recommended remediation instructions. Tags Tags assigned to the IP address associated with the event. Comments A thread of comments about the event. Reports for some risk vectors include columns specific to that risk vector. These are listed in the tables below. Desktop Software Column Name Description OS The detected OS. OS Version The current version of the detected OS. OS Grade An assessment of the detected OS based on the version’s support status. OS Support The support status of the current OS version. Browser The detected browser. Browser Version The current version of the detected browser. Browser Grade An assessment of the detected browser based on the version’s support status. Browser Support The support status of the current browser version. Observed Devices The number of observed devices (based on visible web activity). Host IPs Origin of the request(s). Sample of the host IPs detected using this combination of Operating System and Browser. Mobile Software Column Name Description OS The detected OS. OS Version The current version of the detected OS. OS Grade An assessment of the detected OS based on the version’s support status. OS Support The support status of the current OS version. Browser The detected browser. Browser Version The current version of the detected browser. Browser Grade An assessment of the detected browser based on the version’s support status. Browser Support The support status of the current browser version. Host IPs Origin of the request(s). Sample of the host IPs detected using this combination of Operating System and Browser. Open Ports Column Name Description Ports The number of the destination port identified in the finding. In Open Ports, it is the port associated with the service observed. Product The product or service observed on the port. Transport Method The transmission protocol (TCP or UDP) used in the connection. Patching Cadence Column Name Description Vulnerability The vulnerability name, as logged in the National Vulnerability Database (NVD). Remediated Indicates if a vulnerability is remediated. Server Software Column Name Description Ports Ports where the server software was detected. Type The type of server software package. Version The current version of the server software package. SSL Certificates Column Name Description Key Evidence The hostname or IP address associated with the certificate. Certificate start date The date when the certificate’s validity begins. Certificate end date The date when the certificate’s validity expires. Key Length (bits) The length of the key used to sign this certificate. Key Algorithm The cryptographic algorithm used to generate the key. Signing Algorithm The cryptographic algorithm used to sign this certificate. Issuer The certificate authority that issued this certificate. Subject Information describing the host secured by this certificate. Subject Alternate Names The domain names secured by this certificate. Serial Number The serial number of this certificate in decimal format. SSL Certificate Source IP addresses where the certificate was seen on the most recent day. SSL Configurations Column Name Description Belongs to service provider?* The IP in this finding belongs to a service provider, but is being used by the organization with the finding. Diffie-Hellman Prime Name Named Diffie-Hellman primes are published values, sourced from software libraries or other publications, used during key exchange. Diffie-Hellman Prime The Diffie-Hellman prime (start and end) used for key negotiation. Diffie-Hellman Prime Length The number of bits in the Diffie-Hellman prime. Name The distinguished name of the owner (host) of the certificate. Subject Information describing the host secured by this certificate. Issuer The certificate authority that issued this certificate. Serial Number The serial number of this certificate in decimal format. Web Application Headers Column Name Description Final Location URL where headers were observed. Cache-Control Indicates if the Cache-Control header is missing. Content-Security-Policy Indicates if the Content-Security-Policy header is missing. Strict-Transport-Security Indicates whether the Strict-Transport-Security header is missing. X-Content-Type-Options Indicates if the X-Content-Type-Options header is missing. Sample IP Addresses IP addresses associated with the event. Web Application Security Column Name Description Assessment Name Name of the assessment. Failed Evidence The amount of failed evidence associated with the finding. Total Evidence The total amount of evidence associated with the finding. August 28, 2025: Observed devices. August 15, 2024: Published. Related articles Reports Repository Forensics Report Portfolio Vulnerabilities Report Quick Share for Reports Rating Details Feedback 0 comments Please sign in to leave a comment.