Findings Table: Finding Details Sheet

The Finding Details sheet can be accessed in the Security Performance Management application from the Findings Table [ Findings ➔ Findings Table]. It includes details from the table and additional details about findings specific to each risk vector.

To open the Finding Details sheet, select a finding in the Findings Table.

Tabs in the Finding Details sheet:

• Details
• Attributed To
• Evidence
• History

Details Tab

The Details tab in the Finding Details sheet may contain the following sections and information:

• An overview of common fields:

  [Date] First Seen

  The date when this finding was first observed.

  [Date] Last Seen

  The date when this finding was last observed.

  Finding Identifier

  The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding.

  Finding Grade

  The current grade assigned to this finding.

  Impacts Risk Vector Grade

  Indicates if the finding impacts the risk vector grade.

  Lifetime

  Every finding has a lifetime that indicates how long it impacts the risk vector grade, depending on the particular risk vector. This is defined by the number of days a finding will impact the risk vector grade.

  Rolled Up ID

  A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession.

  Related Findings

  A list of findings with the same finding identifier and risk vector.

• Summary: A high level overview of issues that need to be fixed and a link to remediation tips. If there are no issues to fix, this section says “Aligned with best practices.”
• Details: Details about the finding.
• Rescan:

  Status

  The status of the rescan.

  Requested date

  The date the rescan was requested.

  Requested by

  The user who requested the rescan.

  Rescan Date

  The date the rescan result became available.

  Details

  A description of what happened during the rescan.

• Remediations: Finding details and remediation tips.
• Status History: The history of assigness and remediation statuses assigned to the finding.
• Assets: Asset details. See how assets are attributed to findings.
• Comments: Finding comments.

The details in the sheet vary depending on the risk vector. See details for:

• Compromised Systems Findings
  • Botnet Infections
  • Spam Propagation
  • Malware Servers
  • Unsolicited Communications
  • Potentially Exploited
• Diligence
  • SPF Domains
  • DKIM Records
  • TLS/SSL Certificates
  • TLS/SSL Configurations
  • Open Ports
  • Web Application Headers
  • Patching Cadence
  • Insecure Systems
  • Server Software
  • Desktop Software
  • Mobile Software
  • DNSSEC
  • Mobile Application Security
  • Web Application Security
  • Domain Squatting
• File Sharing (User Behavior Forensics)
• Public Disclosures

Attributed To Tab

The Attributed To tab in the Finding Details sheet presents findings attribution and the ratings tree.

Evidence Tab

With a Web Application Security finding, the Evidence tab is included in the Finding Details sheet. It presents all the failed and passed evidence associated with the finding. This evidence is collected as part of performing security tests on a web application. The tab displays the result of those tests along with helpful details when available.

History Tab

The History tab in the Finding Details sheet shows what happened to that finding (identified by the rolled-up ID). History is conveyed by:

• User-requested rescans
• Issue Tracking