Comment on page
Report Components
Individual reports can be accessed from either the Clients or Reports module. Once a report is selected, users can manage and update it using seven tabs: Readout, Details, Narrative, Findings, Assets, Artifacts, and Attack Path.
In the Readout tab, you can access the Report Narrative, Report Readout column, Findings Overview summary box, and Findings Status box. The Report Readout column has a convenient scrolling feature, making it simple for users to move through the list of findings.
Report narratives can be edited from this tab (by clicking Edit/Comment) or on the Narrative tab.
To view a finding narrative, click the corresponding box in the "Report Readout" column. To edit this content, click Edit/Comment.
Click Report Narrative to return to the default report readout view.
Hovering the cursor over the pie chart in Finding Status can provide more information about the findings.
The Details tab offers an interface to view and modify the information entered when the report was created. For more detailed guidance on each field and its significance, refer to the Creating a Report page.
The Narrative tab offers an interface to view and modify existing rich-text fields (RTFs) or add new ones manually or from NarrativesDB. The existing narrative sections can be expanded or collapsed using the arrow at the right of the box.
Visit the Collaborative Editing page for more information about track changes and commenting functionality within the RTFs.
Narrative sections can be added to a report from this page in two ways:
- A new section can be created by clicking the Custom Section button.
- An existing section can be added from the NarrativesDB module by clicking the Add from NarrativesDB button.
The Findings tab lists all findings associated with a report and provides the ability to view a finding and conduct additional finding management and configuration.
Clicking a finding row will launch the Finding Detail page, which is a snapshot view of the finding and all associated content, assets, and tags.
The table view can be customized by clicking the column view icon to the right of the search bar.
Once clicked, a modal appears that lists all fields. To remove a column, click X within the bar.
Fields that are required do not have an X available.
When fields are removed, an "Add Column" pulldown menu is added at the bottom left of the modal to store the field. Any removed fields can be added later by clicking Add Column and selecting the field to add.
This modal represents the sequence of fields provided in the table, meaning the bar on top will be the column on the table's far left.
The order of columns can be adjusted within this modal by clicking the six dots on the left of the bar for a field and dragging the bar to the desired sequence place.
Click Save when finished.
The Assets tab displays all assets in the report that are linked via a finding. Assets are not added to a report directly; they only exist within a report when they are part of a finding that has been added to the report.
The Artifacts tab provides a dedicated space to load and associate additional information with a report. This functionality allows for the inclusion of various artifacts, such as registry keys, files, time stamps, and event logs, which can provide context and support the findings and conclusions presented in the report.
The Attack Path tab visually represents the tactics, techniques, and procedures (TTPs) employed in a simulated attack, as discussed in the report. This tab offers a flexible and interactive interface that allows users to manipulate and sequence the attack path as desired.
This visual representation makes it easier for stakeholders to understand the attack methodology and visualize how an attacker could exploit vulnerabilities within the system.
More information about a finding can be accessed by clicking the eye icon within a box to pull up the Finding Details page.
Last modified 5d ago