Findings

A finding is a raw, individual AI detection alert (for example, "Agent has sensitive data in his knowledge base", "User prompt contains access data", etc.). Alone, a finding may not be actionable. The Findings page in Tenable AI Exposure allows you to view all of your AI security findings to give you a holistic view of how these findings affect your overall AI security posture.

To access the Findings page:

  1. In the left navigation menu, click Issues.

    The Issues page appears. By default, the Issues tab is selected.

  2. Click the Findings tab.

    The Findings page appears.

  3. (Optional) In the upper-right corner of the page, from the drop-down menu, select a time frame by which you want to filter all data on the Findings page.

    The data on the page updates automatically based on your selection.

  4. At the top of the page, select whether you want to view your findings Per category or Per subcategory.

    The data on the page updates automatically based on your selection.

The Findings page includes the following sections:

Findings Overview

The findings overview is a scrollable categorization of your findings.

Here, you can:

  • View the total number of findings within each category or subcategory.

  • At the top of the section, select whether you want to view your findings Per category or Per subcategory.

    The categories listed and their relevant data updates automatically.

  • Click the and buttons to scroll through the list of categories.

Findings and prevention over time

The Findings over time section includes a graphical representation of your total number of findings over a specific time frame.

Tip: You can change the time frame in the upper-right corner of the page.

Here, you can:

  • Hover over any point on the graph to view the number of findings and prevented alerts on that specific date.

Findings List

At the bottom of the page, you can view a list of all findings within your Tenable AI Exposure container.

Here, you can:

  • Use the search bar to search for a specific finding in the list.

    1. Above the list, use one or more of the following filters to adjust the data displayed in the list:

      • Severity

      • Category

      • Subcategory

      • Users

      Tenable AI Exposure updates the list based on your selection.

    2. Click Clear Filters to clear any filters applied to the list.

    1. In the upper-right corner, click Export to CSV.

      Tenable AI Exposure exports the list in CSV format and saves it to your local downloads folder.

    1. In the upper-right corner, click the button.

      A menu appears.

    2. Select or deselect columns to show or hide them within the list.

    1. In the list, select the check box next to each finding you want to classify.

      A dialog appears at the bottom of the page.

    2. Click the icon.

      A list of options appears.

    3. Select one of the following options:

      • True Positive — Mark the finding(s) as legitimate violations that has been resolved.

      • Benign Positive — Mark the finding(s) as expected behavior that appears suspicious, but is actually benign.

      • False Positive — Mark the finding(s) as alerts that were triggered incorrectly, and are not an actual risk.

      A confirmation message appears and Tenable AI Exposure applies the selected classification to the finding(s).

  • Click on a finding within the list to navigate directly to the Finding Details for that finding.

  • View the following information about your findings:

    • Severity — The color coded severity category that indicates how critical the finding is, for example, Critical or Medium.

    • Subcategory — The subcategory to which the finding belongs, for example Email, Access Key, or URL.

    • Evidence — The evidence associated with the finding.

      Tip: Click to view the evidence directly in the finding details panel.

    • User — The Tenable AI Exposure user responsible for generating the finding.

    • Date and Time — The date and time at which the finding occurred.

    • Classification — The classification of the finding.

      1. In the drop-down, click the button.

        A menu appears.

      2. Select one of the following options:

        • True Positive — Mark the finding as a legitimate violation that has been resolved.

        • Benign Positive — Mark the finding as expected behavior that appears suspicious, but is actually benign.

        • False Positive — Mark the finding as an alert that was triggered incorrectly, and are not an actual risk.

        A confirmation message appears and Tenable AI Exposure applies the selected classification to the finding.