Findings: Finding Details Sheet

The Finding Details sheet can be accessed in the Continuous Monitoring application from the Findings page [ Vendor Risk ➔ Findings]. It includes details from the table and additional details about findings specific to each risk vector.

To open the Finding Details sheet, select a finding in the table.

Overview Tab

The Details tab in the Finding Details sheet may contain the following sections and information:

• An overview of common fields:
  • [Date] First Seen = The date when this finding was first observed.
  • [Date] Last Seen = The date when this finding was last observed.
  • Finding Grade = The current grade assigned to this finding.
  • Finding Identifier = The asset (e.g., IP, domain, host, application, port) and its status (e.g. online/offline, version, support status) that identifies the finding.
  • Impacts Risk Vector Grade = Indicates if the finding impacts the risk vector grade.
  • Lifetime = Every finding has a lifetime that indicates how long it impacts the risk vector grade, depending on the particular risk vector. This is defined by the number of days a finding will impact the risk vector grade.
  • Rolled Up ID = A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession.
• Summary: A high level overview of issues that need to be fixed and a link to remediation tips. If there are no issues to fix, this section says “Aligned with best practices.”
• Details: Details about the finding.
• Rescan:
  • Status = The status of the rescan.
  • Requested date = The date the rescan was requested.
  • Requested by = The user who requested the rescan.
  • Rescan Date = The date the rescan result became available.
  • Details = A description of what happened during the rescan.
• Remediations: Finding details and remediation tips.
• Assets: Asset details. See how assets are attributed to findings.
• Comments: Finding comments.
• Related Findings: A list of findings with the same finding identifier and risk vector.

Asset Tab

The Asset in the Findings Details sheet includes:

• Assets: Identifies the assets that are attributed to findings. See how assets are attributed to findings.
• Attribution Reasons: Provides why the asset has been attributed to this finding. Reasons can include manual research or added in by Customer Request.
• Subsidiaries: Shows findings attribution on the ratings tree.

Tags: Applied to the assets associated with the finding.

Threat Insights Tab

Indicates whether a finding has Threat Insights data available.

When threat insights data is available for the finding, a new tab appears in the Finding detail view showing:

• Affected Industries and Geographies: Details the sectors and locations that the associated threat actors are known to target.
• Threat Behaviors: Indicates the TTPs (MITRE ATT&CK tactic and technique)
  • This mapping reflects how attackers typically exploit the underlying weakness, not whether exploitation has occurred in your environment.
• Threat Actor: Identifies the Threat Groups that are known for exploiting the TTPs indicated above
  • This information is contextual, not deterministic. It does not mean your organization is actively targeted by these groups.

Risk Vector Specific Details

The details in the sheet vary depending on the risk vector. See details for:

• Compromised Systems Findings
  • Botnet Infections
  • Spam Propagation
  • Malware Servers
  • Unsolicited Communications
  • Potentially Exploited
• Diligence
  • SPF Domains
  • DKIM Records
  • TLS/SSL Certificates
  • TLS/SSL Configurations
  • Open Ports
  • Web Application Headers
  • Patching Cadence
  • Insecure Systems
  • Server Software
  • Desktop Software
  • Mobile Software
  • DNSSEC
  • Mobile Application Security
  • Web Application Security
  • Domain Squatting
• File Sharing (User Behavior Forensics)
• Public Disclosures