Back to Website
  1. Knowledge Base
  2. Assessment & Prioritisation
  3. Working with Attack Surface findings

Findings page

Linus Kingfors
Modified on: Mon, 31 Jul, 2023 at 3:35 PM

Findings Page

The Findings page provides a holistic overview of the current status of your attack surface. It gathers and displays all vulnerabilities found with Surface Monitoring and Application Scanning. It also displays a list of your Policy Alerts. From here you can view, sort, filter and export your findings. 

Filter issues to help you focus

The page includes filters that let you specify what you want to focus on, including level of severity, which domains you want to look at, and whether it was found in the past week or the past month. You can combine different filters to create a view of the most critical issues that you want to remediate, or all issues on a particular asset, etc. 

Save filters for easy reporting

You can save filters and then export them for easy reporting, or for convenience if you know you always want to view your data the same way.


Columns

You can use the columns to sort your findings in the order that helps you best. You can also move, resize, hide and pin columns so that you can focus on the data that is most important to you by dragging and dropping them where you want them, or clicking on the headers to hide or pin them.


Tagging vulnerabilities  as False Positive or Accepted Risk- or with your own tags

Tags can be applied to both your Application Scan as well as your Surface Monitoring vulnerabilities. You can also mark more than one type of vulnerability as False Positive. 

Marking a vulnerability as a False Positive lets you send a report to our security researchers about why this particular test is a false positive in your environment. Our Security Team looks at the aggregated FP report data to implement module improvements.

The other two tags (Accepted Risk, Fixed) are more of a function to let you mark up issues with statuses relevant to your workflow. 

All the issues tagged with statuses as above are visible in the left-hand menu. 

You can also tag issues with your own tags. You can go back and view all the issues you added tags to by filtering on the Tags column. 

Tagging issues by False Positive and Accepted Risk is also available in the API, including filtering on them. You can also filter on your own tags, including extracting all issues except those tagged with a single tag, such as “downprioritised”.

The functionality of tagging issues as False Positive, Accepted Risk, or with tags of your own choice will soon be available for Policy alerts.


Frequently Asked Questions:

How do I sort the findings?

You can sort by all columns except the Asset column, and you sort by clicking the arrow that appears if you hover over the column name.

How do filters work?

You use the filters by clicking on the three dots in a column or the Filter button on the right. You can combine several operators (like severity or asset) and select one or more parameters (like critical and high severity and three of your most important assets).

Can I change number of rows?

You can change the number of rows at the bottom of the page.

How do I move columns?

You drag and drop them where you want them.

Can I pin a column to the left or the right?

Yes, just click the three dot menu next to the column name and select "Pin to left" or "Pin to right". 


The content looks too dense, can I change to a bigger and more spacious design?

Yes, by clicking the three dot menu in the top righthand corner and choosing a different display.

How do I select several vulnerabilities at the same time, or all the vulnerabilities on one page?Can I select all of the vulnerabilities at once?

Use the checkbox to select several vulnerabilities at once. You can select all the vulnerabilities that are on the first page by clicking the checkbox at the top of the page. Increase the number of rows if you would like to select more than the default amount of vulnerabilities that are shown.



How do I export my results?

You click the three dot menu on the right, choose your format (currently .csv or json is available) and then click Create Export. When your export has been created, you can download it. 

 
Are there going to be more changes in the future?

The table will change as we add more functionality and more security issues. The focus is to enable users with large attack surfaces to easily view, prioritize and export their data. 


How do I send feedback if I want to suggest a new functionality or improvement?

Email support@detectify.com.


© 2024 detectify | Go hack yourself.