# Findings Components
By breaking away from traditional report-first workflows, findings are managed independently at the client and tenant levels, enabling teams to track, analyze, and remediate vulnerabilities more effectively.
The Findings module consists of two tabs: **Findings** and **Instances**.
{% hint style="info" %}
A finding represents a unique vulnerability occurrence for a specific client, while an instance represents each specific occurrence of that finding on a single asset.
{% endhint %}
## Findings Tab
The findings tab displays client-level findings, deduplicated by source and title, providing a view of unique organizational issues. A user needs authorization for every client to see all findings across the tenancy.
### Findings Overview Section
The Findings overview section provides a consolidated view of findings and is updated hourly. It includes analytics to understand progress, such as findings by severity and a breakdown of total open findings, so users can determine what to work on next. The data can be filtered by date values and client(s).
### Findings Inventory Section
The findings inventory list displays all client-level findings in one place, deduplicated by source and title. A user needs authorization for every client to see all findings across the tenancy.
## Instances Tab
A finding is a unique vulnerability within a client, while an instance is a specific occurrence of that finding on a single asset.
To illustrate:
1. **Findings Tab**: If a "Wireless Data Extraction" vulnerability exists, it is counted as one finding for each unique client where it occurs, provided the source and title are also unique. If a user has authorization to view all clients, they will see every unique vulnerability across the entire organization.
2. **Instances Tab**: When a user clicks on the "Wireless Data Extraction" finding and views its instances, they will see a list of all unique assets affected by that vulnerability. For example, if the vulnerability impacts three different assets, the page will display three instances, each representing the occurrence of the vulnerability on a specific asset.\
\
{% hint style="info" %}
A finding will always have one or more instances, while an instance will only have one finding.
{% endhint %}
### Instances Overview Section
The Instances overview section provides a snapshot of instances by status, score, and assignee, enabling users to analyze and organize finding data efficiently. The container can be collapsed by clicking the arrow at the top right.
### Instances Inventory Section
The instances table provides a detailed breakdown of specific vulnerabilities or issues across an organization's assets. Each instance represents a unique finding on a single asset, offering granular visibility into where and how often an issue appears.
Findings are deduplicated at a higher level, while instances show the exact scope of the problem across multiple assets, helping to determine whether an issue is widespread or isolated. Additionally, the table tracks when vulnerabilities were first detected, offering historical context for assessing how long issues have persisted.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.plextrac.com/plextrac-documentation/product-documentation/findings/findings-components.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.