View Finding Details
You can view additional details for any findings on the Findings tab within Attack Path Analysis.
To view additional details for a finding:
-
Access the Findings tab.
-
In the Findings list, click the finding for which you want to view additional details.
The finding details page appears.
On the finding details page, you can:
-
View the name and priority of the finding.
-
View the date and time at which the finding was last updated. For example, a change in the status, priority, or state of a finding can change the Last update time.
-
Click Log History to view the changes in the state, status, and priority of a finding. For more information, see View Log History.
-
View information about nodes within attack paths that exploit the finding.
-
Click a node name to view additional details:
The node details panel appears.
In the node details panel, you can:
-
On the left side of the panel, select the node for which you want to view additional details.
The information on the right side of the panel updates accordingly.
Tip: Click the button to view that node directly in the Attack Path Graph -
Click the Information tab to view further details about the node, including, but not limited to:
-
NES — The Node Exposure Score (NES) is a metric produced by Attack Path Analysis to understand the blast radius exposure of a node. This metric considers the Vulnerability Priority Rating of all vulnerabilities on the asset as well as other relationships such as software installed, sub-networks to which the asset belongs, internet exposure, etc.
-
Logged in Users — Users currently logged into the node.
-
Member of — Lists the number of groups to which the node belongs.
-
Related Types — The node type as categorized by Attack Path Analysis.
The information in this panel varies based on the node type, for example, Computer or User.
-
-
Click the Related Techniques tab to view Attack Path Techniques associated with the node.
-
Click Export to CSV to export the node details in CSV format.
-
-
-
Click View Attack Paths to navigate to the Discover tab, where you can view a graphical representation of the attack path as well as interact with more attack path data.
-
Click Share to copy, send via email, or print the details of the finding. For more information, see Share Finding Details.
-
View a brief description of the Details of the finding.
-
View the Choke Point Priority related to the finding.
Tip: A choke point is a place where potential attack paths merge together before reaching a critical asset. Attack Path Analysis uses a Choke Point Priority metric to determine the criticality of choke points. -
View Evidence related to the finding.
-
View Mitigation options for the finding:
-
Click on an option to view further information steps you can take to mitigate the finding.
-
To view a step-by-step guide on how to mitigate the finding, click Step by Step Mitigation Guide.
On the right side of the page, the Step by Step Mitigation Guide panel appears, which includes a set of instructions you can follow to mitigate the finding and therefore its risk.
-
(Optional) In the upper-right corner, click the Action drop-down and select one of the following actions:
-
Copy to Clipboard — Copy the mitigation steps to your device's clipboard.
-
Create a Jira Ticket — Create a Jira ticket from the steps listed in the mitigation guide.
-
Export to CSV — Export the mitigation steps in CSV format.
-
Export to PDF — Export the mitigation steps in PDF format.
-
Export to JSON — Export the mitigation steps in JSON format.
-
-
-
-
View Detection information for the finding.
-
View Related Malware and Tools associated with the finding.
-
View external References, where you can learn more about the finding.
-
Click a reference to navigate to that resource.
-