Findings
A finding is a weakness in systems, processes, policies, or procedures that could be exploited. Findings arise from penetration testing, vulnerability assessments, and compliance audits. They reveal potential points of compromise, are categorized by severity, and often come with recommended remediation actions.
Organizations can use findings to allocate resources and improve security efficiently.
Findings are the most common object in PlexTrac and can be added to a report in multiple ways:
imported via files generated from third-party tools, such as Nessus or Pentera
imported from one of PlexTrac’s CSV finding templates
imported from an API integration, such as Snyk or HackerOne
created after an engagement was submitted in the Runbooks module
Accessing Findings
Findings can be accessed either through a report or the Clients module:
Via a Report:
Click Reports from the main menu.
Select a report.
Click the Findings tab.
Via the Clients module:
Click Clients from the main menu.
Select the client.
Click the Findings tab.
A count for the number of findings is displayed at the top of the table to the left of the filter boxes.
Identifying the Finding Source
The source of a finding can be found on the Finding detail side drawer, which appears when clicking the row of a finding seen in the Findings tab of a report or client. If the finding was created in PlexTrac, a value of plextrac exists. If the finding was imported, the source of that file or integration is also recorded.
Finding ID
The finding ID can be found on the Finding detail side drawer, which appears when clicking the row of a finding in the Findings tab of a report or client. The finding ID is either imported from the source tool or generated dynamically by PlexTrac when the finding is created.
For example, importing a Nessus file will pull in the Nessus plugin ID as the PlexTrac Finding ID.
Every finding in a PlexTrac report must have a unique finding title.
When importing findings from two scans into the same report, only additional findings from the second scan and any assets tied to existing findings are imported, even if duplicates exist.
When two findings with the same title are created in two different reports for the same client, they are displayed on the Findings tab in the Clients module, as they each receive a unique finding ID.
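A pre-import check based on the unique-title rule above, as an added example that is not PlexTrac code: it parses two constructed `.nessus` files and previews which findings from the second scan would be new and which would only contribute assets to an existing finding. It assumes the finding title comes from the Nessus `pluginName` attribute, which this page does not state; `parse_nessus` and `preview_second_import` are hypothetical helper names.

```python
import xml.etree.ElementTree as ET

# Constructed sample scans in the .nessus (NessusClientData_v2) layout.
# Plugin IDs, plugin names and hosts are made up for illustration.
SCAN_A = """<NessusClientData_v2><Report name="scan-a">
<ReportHost name="192.0.2.5">
<ReportItem pluginID="900001" pluginName="Constructed TLS Finding" severity="2" port="443"/>
<ReportItem pluginID="900002" pluginName="Constructed SSH Finding" severity="1" port="22"/>
</ReportHost></Report></NessusClientData_v2>"""

SCAN_B = """<NessusClientData_v2><Report name="scan-b">
<ReportHost name="192.0.2.5">
<ReportItem pluginID="900001" pluginName="Constructed TLS Finding" severity="2" port="443"/>
</ReportHost>
<ReportHost name="192.0.2.9">
<ReportItem pluginID="900001" pluginName="Constructed TLS Finding" severity="2" port="443"/>
<ReportItem pluginID="900003" pluginName="Constructed SMB Finding" severity="3" port="445"/>
</ReportHost></Report></NessusClientData_v2>"""


def parse_nessus(xml_text):
    """Return {title: {"finding_id": pluginID, "assets": {host, ...}}}."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            # Assumption: pluginName becomes the finding title on import.
            entry = findings.setdefault(
                item.get("pluginName"),
                {"finding_id": item.get("pluginID"), "assets": set()},
            )
            entry["assets"].add(host.get("name"))
    return findings


def preview_second_import(report, second_scan):
    """Split the second scan into new findings and asset-only additions."""
    new_findings, asset_only = {}, {}
    for title, finding in second_scan.items():
        if title not in report:
            new_findings[title] = finding          # title not yet in the report
        elif finding["assets"] - report[title]["assets"]:
            # Title already exists: only the extra assets would be attached.
            asset_only[title] = finding["assets"] - report[title]["assets"]
    return new_findings, asset_only


if __name__ == "__main__":
    new, assets = preview_second_import(parse_nessus(SCAN_A), parse_nessus(SCAN_B))
    print("new findings:", sorted(new))
    print("asset-only additions:", assets)
```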
Finding Reported Date
The finding reported date is the date the finding was added to the report. This value is displayed in the "Date Reported" column on the Findings tab. It can be modified through the "Actions" button after selecting one or more findings.