Finding Rescan: Asset Not Found and Assumed Remediated

Asset Not Found and Assumed Remediated are the finding rescan statuses that can be returned after a user-requested finding rescan. They indicate that we are unable to reach an asset or unable to locate new information to update the associated finding. For certain risk vectors, we assume that the finding was remediated. If you receive these statuses, additional information is provided in the finding details section to clarify what happened.

We can’t guarantee visibility into every record associated with a company. External factors, such as firewall configurations and site availability, impact our ability to update findings.

Asset Not Reached finding rescan status, Asset Not Found finding rescan status

Expected Rescan Status from Remediations

These statuses are expected for certain remediations. If you receive the Asset Not Found status outside of the examples provided in the table below, confirm that the asset is reachable, not slow to respond, and our scans are not blocked (see Troubleshooting).

TLS/SSL Certificates

We were unable to gather any data on the TLS/SSL Certificate finding to determine if the certificate is in place and whether it’s properly configured.

The certificate was taken offline.

Rescan expectation: No finding detected. The rescan status is Assumed Remediated.

Rescan finding behavior: Finding’s last seen date remains unchanged. The finding will continue to impact the rating for its remaining lifetime and will drop off after it completes its remaining lifetime.

The certificate was updated or replaced.

Rescan expectation:

• The rescan locates new information and generates a new finding.
• The old finding’s status is Assumed Remediated.

Rescan finding behavior:

• When an expired certificate is updated or replaced, it generates a new finding due to the different serial number.
• The previous finding needs to complete its remaining lifetime before it drops off from the rating.

The finding identifier may change depending on the Subject Alternative Names (SAN).

TLS/SSL Configurations

The certificate was taken offline.

Rescan expectation: No finding detected. The rescan status is Remediated.

Rescan finding behavior: The finding stops impacting the grade when an asset is taken offline. After requesting a rescan (user-requested rescan), the findings associated with offline assets are marked as closed within 3 days.

Open Ports

We were unable to gather data on this asset. However, if you closed this UDP port as part of your remediation actions, this is an expected result.

The certificate is publicly removed or taken offline.

Rescan expectation: No finding detected. The rescan status is Assumed Remediated.

Rescan finding behavior:

• The finding’s last seen date remains unchanged. The finding continues to impact the rating for its remaining lifetime and drops off after it completes its remaining lifetime.
• Closed UDP ports are undetectable and marked as “closed” after the finding completes its lifetime (60 days).

Server Software

Server decommissioned.

Rescan expectation: No finding detected. The rescan status is Asset Not Found.

Rescan finding behavior: Finding’s last seen date remains unchanged. The finding continues to impact the rating until its remaining lifetime completes.

Web Application Headers

The rescan process was unable to gather any data on the web application header requested. If the original web application header was recently changed as part of the remediation actions, this is an expected result.

Updated redirect from HTTPS-to-HTTP to HTTPS-to-HTTPS.

Rescan expectation: Finding should improve from BAD to NEUTRAL. The rescan status is Assumed Remediated.

Rescan finding behavior: If there is an issue reaching the final redirect (e.g. a firewall, the IP address does not change between the original domain and redirect domain), the finding continues to impact the rating for its remaining lifetime and drops off after it completes its remaining lifetime. See troubleshooting.

The domain was removed.

Rescan expectation: No finding detected. The rescan status is Assumed Remediated.

Rescan finding behavior: The finding’s last seen date remains unchanged. The finding continues to impact the rating until its remaining lifetime completes.

Troubleshooting: Why can’t my assets be found?

The most common reasons assets are unable to be found are:

• Asset is Not Reachable or is Slow to Respond
• Our Scans are Blocked

Asset is Not Reachable or is Slow to Respond

The asset is not online, it times out, or is slow to respond. Some examples of this include:

• The asset has been taken down
• The asset is slow to load
• The asset was down during the rescan
• The domain is hosted on a rotation IP provided by a hosting provider, so our rescans only get intermittent results
• The server name is misconfigured

Even if the asset is only down for a short period of time, it interferes with our ability to rescan the finding. To account for this, user-initiated refreshes attempt to contact the asset multiple times in a period of up to six days. If the asset remains unreachable after six days, the request times out and the status updates to Asset Not Found.

Our Scans are Blocked

There may be website configurations in place that block Bitsight scans. Some examples that interfere with rescanning findings include:

• Web App Firewalls (WAF) such as Cloudflare (Bot Fight Mode), AWS cloudfront, Akamai CDN, or firewall rules preventing access from an outside network
• Captcha pages or other human verification methods shown on page load
• Anti-crawler protection
• Geo-blocking
• Web pages that require a client-side certificate to browse
• Firewall configurations preventing access to a website from external networks

Next Steps

If you have further questions related to a user-requested rescan, please contact Bitsight Support with details about the records you are trying to rescan.