View Finding Details

You can view additional details for any findings on the Findings tab within Attack Path Analysis.

To view additional details for a finding:

1. Access the Findings tab.

2. In the Findings list, click the finding for which you want to view additional details.

   The finding details page appears.

   

On the finding details page, you can:

• View the name and priority of the finding.

• View the date and time at which the finding was last updated. For example, a change in the status, priority, or state of a finding can change the Last update time.

• Click Log History to view the changes in the state, status, and priority of a finding. For more information, see View Log History.

• View information about nodes within attack paths that exploit the finding.

  • Click a node name to view additional details:

    The node details panel appears.

    

    In the node details panel, you can:

    • On the left side of the panel, select the node for which you want to view additional details.

      The information on the right side of the panel updates accordingly.

      Tip: Click the button to view that node directly in the Attack Path Graph.

    • Click the Information tab to view further details about the node, including, but not limited to:

      • NES — The Node Exposure Score (NES) is a metric produced by Attack Path Analysis to understand the blast radius exposure of a node. This metric considers the Vulnerability Priority Rating of all vulnerabilities on the asset as well as other relationships such as software installed, sub-networks to which the asset belongs, internet exposure, etc.

      • Logged in Users — Users currently logged into the node.

      • Member of — Lists the number of groups to which the node belongs.

      • Related Types — The node type as categorized by Attack Path Analysis.

      The information in this panel varies based on the node type, for example, Computer or User.

    • Click the Related Techniques tab to view Attack Path Techniques associated with the node.

    • Click Export to CSV to export the node details in CSV format.

• Click View Attack Paths to navigate to the Discover tab, where you can view a graphical representation of the attack path as well as interact with more attack path data.

• Click Share to copy, send via email, or print the details of the finding. For more information, see Share Finding Details.

• View a brief description of the Details of the finding.

• View the Choke Point Priority related to the finding.

  Tip: A choke point is a place where potential attack paths merge together before reaching a critical asset. Attack Path Analysis uses a Choke Point Priority metric to determine the criticality of choke points. Tenable recommends focusing on areas with higher choke points first, as remediating those will negate the largest number of critical items within your organization.

• View Evidence related to the finding.

• View Related Products, Assets, and Findings for the finding. This section displays information about the data sources used or seen within this specific finding.

  Tip: Click on a related finding to open it directly within its source application. Within the source application, the list of findings is filtered by related assets and plugin IDs. However, if there are more than 15 related assets, the list is filtered only by plugin IDs and shows findings for all assets within the source application. Not all applications include plugin information.
  Note: While source information is available for on-premises products such as Tenable Identity Exposure On-Prem and partial products such as Tenable Security Center without Tenable Vulnerability Management, links to the source application are currently unavailable for these.

• View Mitigation options for the finding:

  1. Click on an option to view further information steps you can take to mitigate the finding.

  2. To view a step-by-step guide on how to mitigate the finding, click Step by Step Mitigation Guide.

     On the right side of the page, the Step by Step Mitigation Guide panel appears, which includes a set of instructions you can follow to mitigate the finding and therefore its risk.

• View Detection information for the finding.

• View Related Malware and Tools associated with the finding.

• View external References, where you can learn more about the finding.

  1. Click a reference to navigate to that resource.