Findings

Use the Findings page to review the list of individual instances of vulnerabilities that affect your environment per asset. The Findings page allows you to do the following:

  • View detailed evidence for each specific “hit” of a vulnerability in your environment.

  • Filter the list of vulnerabilities by properties of the plugin, the affected asset, or the specific instance (such as Status or Last Hit), or by any combination of these properties.

  • Export the filtered list of findings to assign them for remediation.

To access the Findings page:

  1. In the left navigation bar, go to Risks > Findings.

    The Findings page appears with the vulnerabilities in a table format.

    The Findings table includes the following details:

    | Column | Description |
    |---|---|
    | Affected Asset | The asset where the vulnerability is detected. |
    | IP | The IP address of the asset. |
    | Severity | The severity of the vulnerability: Critical, Medium, Low, or Info. |
    | Plugin Name | The plugin that detected the vulnerability. |
    | Plugin ID | The ID of the plugin. |
    | Port | The port where the vulnerability is detected. |
    | Protocol | The protocol used to communicate with the asset. |
    | VPR | Vulnerability Priority Rating for the vulnerability. |
    | Status | The status of the vulnerability. The possible values are: Active (the vulnerability has appeared continuously since its initial detection), Fixed (the vulnerability appeared, then disappeared, and has not resurfaced), Resurfaced (the vulnerability appeared, disappeared, and then reappeared). |
    | Plugin Source | The plugin source. |
    | First Hit | The time when the vulnerability was first detected. |
    | Last Hit | The time when the vulnerability was last detected. |
    | Fixed at | The time when the vulnerability was remediated. |
    | Plugin Family | The family of the plugin. |
    | Asset Type | The asset type, such as PLC or OT device. |
    | Asset Risk Score | The risk score of the asset. |
    | Asset Category | The category to which the asset belongs, such as Controller or Network Assets. |
    | Asset Vendor | The name of the vendor of the asset. |
    | Asset Criticality | The criticality of the asset based on the severity of the vulnerability: High Criticality, Medium Criticality, or Low Criticality. |
    | Asset Family | The family of the asset. |
    | Asset Model | The model of the asset. |
    | Firmware | The firmware of the asset. |
    | OS | The operating system that the asset runs on. |
    | Asset State | The current state of the asset. |
    | Purdue Level | The Purdue level of the asset. |
    | Network Segment | The network segment that the asset belongs to. |
    | Location | The asset's location. |
    | Backplane Name | The name of the backplane where the vulnerability was detected. |