Review and remediate findings that our pentesters discover.

A finding is a potential security flaw in an app or physical hardware. Our pentesters describe the vulnerabilities that they found during the pentest and provide recommendations on how to fix them.

Once your pentest goes Live, our pentesters start testing your asset. You get updates from pentesters in a dedicated Slack channel and in the Pentester Updates sidebar.

View Findings

To view findings for your pentest, on the pentest page, navigate to the Findings tab.

View findings for your pentest

On the Findings tab, you can view a summary of findings for your pentest, including:

  • Finding state
  • Finding summary
  • Severity level
    • Hover over the label to view the likelihood and business impact.
  • Labels or custom reference, if applied
  • Link to external issue on GitHub and/or in Jira, if applied
    • The availability of this feature is based on your PtaaS tier.
  • Number of comments from pentesters and pentest collaborators

Filter, Sort, and Download Findings

On the Findings tab, you can:

  • Filter findings by the following parameters:
    • Finding state
    • Severity level
    • Type of vulnerability, from criteria such as the OWASP Top 10 list
    • Assignee, if pentesters or someone from your organization assigned the finding
    • Label, if pentesters or someone from your organization applied a label
  • Sort findings by the:
    • Time reported
    • Criticality level
    • Activity related to the finding
  • Download findings in a CSV file based on applied filters

Review and Take Action on Findings

Remediate or accept findings.

Finding States

Learn what finding states mean.

Severity Levels

Finding severity levels.

Was this page helpful?

Yes No Create an Issue

Last modified December.12.2022