This page explains the different tabs for each report.
When clicking a report, either from the Clients module or one that is displayed on the Reports module home page, seven tabs are displayed:
- Attack Path
The Readout tab displays the Report Narrative, the Report Readout column, the Findings Overview summary box, and the Findings Status box.
Specific findings can be viewed in more detail by clicking the finding in the Report Readout column. Click Report Narrative to return to the original view.
Hovering the cursor over the pie chart in Finding Status can provide more information about findings.
The Details tab displays information entered when the report was created, and it can be edited from this screen.
Narrative sections can be added to a report from this page in multiple ways:
- A new section can be created by clicking the Custom Section button.
- An existing section can be added from NarrativesDB module by clicking the Add from NarrativesDB button.
The Findings tab lists all findings associated with a report and allows for additional management and configuration options, such as adding findings.
Clicking a finding from this view will launch the Finding Detail modal, which is a snapshot view of the finding description, score, affected assets, references, CVE ID, CWE ID, Finding ID, status, severity, assignee, date reported, source, time to SLA, and any associated tags.
The columns for the Findings tab can be customized by clicking the column view icon to the right of the search bar.
Columns can be moved by dragging the bars up and down to change the sequence that they appear on the page. The Finding Title and Actions columns must always exist, but other columns can be removed from table view. Click Save when finished.
The Assets tab lists all assets associated with a report via its association with a finding. Assets cannot be added to a report independently and only exist within a report if part of a finding that was added to a report.
The Artifacts tab allows for additional information to be loaded and associated with a report, such as registry key, files, time stamps, and event logs.
The Attack Path tab allows for a visual representation of the tactics, techniques, and procedures (TTPs) used in a simulated attack discussed in the report. It can be manipulated and sequenced as desired.