Finding States

Learn what finding states mean.

We move the pentest to Closed once you’ve resolved all findings. Until then, the pentest is in Remediation.

You can filter findings by their state on the Findings tab of the pentest page.

Filter findings by state

Finding State Description
Triaging Potential vulnerability that our pentesters triage and validate after posting.
Pending Fix Pentesters validated the finding and assigned a severity level to it based on the likelihood of occurrence and business impact. You can now:
Ready for Retest (Retest) You fixed the finding internally and submitted it for retest. Pentesters retest the finding and then change its state to:
  • Fixed, if they can’t reproduce the issue.
  • Pending Fix, if the issue persists. Read the pentester’s comment for details.
Resolved This includes three states:
  • Fixed: After you submitted the finding for retest, our pentesters verified that you fixed the issue internally. They couldn’t reproduce the issue.
  • Accepted Risk: You accepted the finding as a low risk.
  • Carried Over: Finding that you haven’t fixed during the previous pentest for the same asset. When you launch a new pentest, we create a finding in the Carried Over state. In the previous pentest, the finding always appears as Carried Over even if you fixed it in the next pentest.


Was this page helpful?

Yes No Create an Issue

Last modified December.12.2022