The Findings tab has two containers of information that can be expanded or collapsed:
- Findings: an overall view of all findings that the user has access to view and have been published
- Findings By Client: a view of findings filtered by the client (limited to top 30 clients)
When filters are selected, the data displayed refreshes, and the active filters are listed at the top of the page.
Search filters allow users to refine and narrow down their search results based on specific criteria or parameters.
Analytics filter values and data sets are updated every minute. If a tag or field was updated but did not appear as expected, wait one minute and try again.
A list of all filters and values for the Findings tab exists below:
- Client Tags
- Date Range
- Asset Tags
- Finding Severity: Unchecking a severity will hide any asset with only findings of that severity.
- Asset Severity
- Finding Tags
- Finding Status
- In Process
- Report Tags
- Graph View
- Assignees: only relates to Client, Client Tags, Finding Tags, Reports, and Reports Tags. If other fields are selected, the pulldown menu for Assignees will be blank. If a report with no assignees is set, the pulldown menu for Assignees will be empty.
- CVE IDE
- CWE ID
The CVE and CWE filters use an “and” query condition that requires both of the specified search terms or conditions to be present in the results. In other words, the search results must meet all of the specified conditions to be included in the results. For example, if two CVE values are added as a filter, the results will only display findings that contain both values.
The Findings container displays the status, severity, client breakdown, and most critical findings for all tenant findings within defined query parameters and user permissions.
The Findings By Client container displays a client's status, severity, and most critical findings. Scroll down to see a view for all clients.
More details about a specific finding can be obtained in the "Most Critical Findings" table.
Clicking the row of a finding brings up the findings details screen, which provides more details about the finding.
In addition, it allows direct access to:
- 1.The Findings tab of the Report module for further editing (click the "Finding ID" value)
- 2.Changing the finding status (click the "Status" value)
- 3.More information on an affected asset (click the table row of the asset)
- 4.More information on the CVE ID (click the link provided when a value exists)