LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook
On this page
  • Accessing Findings
  • Via a Report:
  • Via the Clients module:
  • Identifying the Finding Source
  • Finding ID
  • Finding Reported Date

Was this helpful?

Export as PDF
  1. PlexTrac Modules
  2. Reports

Findings

PreviousUsing Short Codes in ReportsNextCreating a Finding

Last updated 1 year ago

Was this helpful?

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

A finding is a weakness in systems, processes, policies, or procedures that could be exploited. It arises from penetration testing, vulnerability assessments, and compliance audits. These findings reveal potential points of compromise, categorized by severity, and often come with recommended remediation actions.

Organizations can use findings to allocate resources and improve security efficiently.

Findings are the most common object in PlexTrac and can be added to a report in multiple ways:

  • created from scratch within a report

  • migrated from WriteupsDB

  • imported via , such as Nessus or Pentera

  • imported from one of PlexTrac’s CSV finding templates

  • imported from an , such as Snyk or HackerOne

  • imported via PlexTrac’s API endpoints

  • created after an assessment was completed

  • created after an engagement was submitted in the Runbooks module

Accessing Findings

Findings can be accessed either through a report or the Clients module:

Via a Report:

  1. Click Reports from the main menu.

  2. Select a report.

  3. Click the Findings tab.

Via the Clients module:

  1. Click Clients from the main menu.

  2. Select the client.

  3. Click the Findings tab.

A count for the number of findings is displayed at the top of the table to the left of the filter boxes.

Identifying the Finding Source

The source of a finding can be found on the Finding detail side drawer, which appears when clicking the row of a finding seen in the Findings tab of a report or client. If the finding was created in PlexTrac, a value of plextrac exists. If the finding was imported, the source of that file or integration is also recorded.

Finding ID

The finding ID can be found on the Finding detail side drawer, which appears when clicking the row of a finding in the Findings tab of a report or client. The finding ID is generated by importing it from the source tool or dynamically by PlexTrac when the finding is created.

For example, importing a Nessus file will pull in the Nessus plugin ID as the PlexTrac Finding ID.

Every finding in a PlexTrac report must have a unique finding title.

When importing findings from two scans into the same report, only additional findings from the second scan and any assets tied to existing findings are imported, even if duplicates exist.

When two findings with the same title are created in two different reports for the same client, they are displayed on the Findings tab in the Clients module, as they each receive a unique finding ID.

Finding Reported Date

The finding reported date is when the finding was added to the report. This value is displayed under the "Date Reported" column from the Findings tab. This value can be modified through the "Actions" button when selecting one or more findings.

files generated from third-party tools
API integration