Skip to main content
Skip table of contents

Products

Purpose

This article provides users with an overview of products in Informational findings.

Introduction

This document offers an overview of products related to Informational findings. It outlines the requirements for accessing the OUTSCAN™/HIAB account and describes how users can view products linked to specific assets. The document details the information available in the product details view, including product specifications, ports, and asset information, as well as commenting features for user interaction. Additionally, it explains how to manage products, including editing tags and marking items as false positives, along with the various columns available for product information display.

Product Overview

Requirements

It is assumed that the reader has basic access to the OUTSCAN™/HIAB account with Appsec subscription. 

The Products view is visible without an Appsec subscription, but the view will be empty.

Products

In Findings > Informational > Products, the products that are linked to a specific asset are listed.

When clicking on a product, a details view is displayed on the right side of the window.

Portal_Informational_Findings_Products.png

Details

The Details tab shows more information about the selected product. 

This includes product information such as name, version, type, EOL, URL, CPE 2.2, CPE 2.3.

Ports

A list of all ports and information about them such as port name and port protocol.

Asset

The affected asset, and by clicking the asset name you are redirected to the asset view for more information.

First seen

When the port was first discovered on the specific asset.

Last Seen

When the port was last seen on the specific asset.

Created

The time since the product was created.

Created by

The name of the account that the product was created by.

Updated

The time since the product was last updated.

Updated by

The name of the account that the product was last updated by.

Comments

The Comments tab enables you to post comments on products, as well as sending messages to the Outpost24® Appsec team for review and response about the selected product.

Discussions and Commenting

Discussions about a finding are normally customer-internal. Only when eligible (via associated subscription) may a dialog between customer and the Outpost24 AppSec team be initiated.

Starting a Discussion

You can start a discussion about a finding:

  1. Select a finding.

  2. Click the Comments tab on the right side. The Comments tab shows all your ongoing discussions.

  3. Add a new comment and click the blue Start Discussion button.

    Portal_discussion_comment.png


  4. To reply to a discussion, enter your reply on the Reply to conversation line and click the blue Reply button.

Starting a Discussion with the Outpost24 AppSec Team

You can start a discussion about the findings with the Outpost24 AppSec Team for review and response. 

  1. Select a finding.

  2. Click the Comments tab on the right side. The Comments tab shows all your ongoing discussions.

  3. Toggle the Start a discussion with Outpost24 switch.

    Portal_discussion_discussion.png

The Start a discussion with Outpost24 toggle is displayed if and when the underlying finding is eligible.

  1. Add a new comment and click the blue Start Discussion button.
    The comment is sent to the Outpost 24 AppSec team.

  2. To reply to an ongoing discussion, enter your reply on the Reply to conversation line and click the blue Reply button.

When discussing with an Outpost 24 AppSec representative, the discussion card is marked clearly with a blue sign in the top left corner of the discussion card.

Portal_Discussion.png

Deleting a Single Comment

To delete a comment in a discussion, click on the delete Icon_Delete.png icon to the right. This removes the comment from the discussion.


The deleted comment is marked with the text "This message has been deleted".

You can only delete your own comments.

Deleting a Discussion Tree

To delete the entire discussion tree, click on the delete Icon_Delete.png icon to the right on the first line in the card. This removes all conversation in the card.


The deleted discussion and all replies is marked with the text "This message has been deleted".

Removing the top discussion will remove all the following replies in that discussion recursively.

Web_application_delete_discussion.png

If no comment is given, a default message/comment stating “Transitioned information status from <original status> to <new status> without user's comment." is saved as a activity log to assist with the reviewing of the finding’s history.

The customer can also transition products from other status like FALSE_POSITIVE or PRESENT.

Example:

Portal_Informational_Findings_Ports_Status_Comment.png

Starting discussions with the Outpost24® Appsec team requires an active Appsec subscription.

To access existing comments, enable the comments column and click on the comment icon_comment.png icon to quickly launch the comments window. 

Manage Products

Select one or more products, and choose one of the actions that is displayed on the bottom bar:

Portal_Informational_Findings_Products_Bottom_Bar.png

Right-clicking a product or a selected group of products opens a menu where the same tasks can be performed.

Portal_Informational_Findings_Ports_Menu.png

The possible user actions are:

  • Edit tags Icon_Edit_Tag.png.png adds a tag to the selected product. See Tags for more information.

  • Mark as false positive Icon_Mark_As_False_Positive.png marks a product as a false positive.

  • Unmark false positive Icon_Unmark_As_False_Positive.png reverts a product as a false positive.

Columns

By clicking the Column Icon_Column.png bar next to the Main Menu, you expand the column list available to Products. Select any Column to view in the main window.

Select a specific column to know that information about a product. All selected columns are displayed in the Products tab. The available options are described below.

Option

Format

Description

Age

Shows how old the product is in regards to when then it was first discovered in a scan.

Asset

Name of the asset associated to the product. Could consist of among others:

  • FQDN

  • IP-address

  • Agent ID

  • Container image name

Asset ID

The unique identifier of the Asset the Product belongs to.

Comments

Number of comments associated to the product. 

CPE 2.2

Portal_Informational_Findings_Products_CPE2_2.png

Common Platform Enumeration, see for more details https://cpe.mitre.org/files/cpe-specification_2.2.pdf

CPE 2.3

Portal_Informational_Findings_Products_CPE2_3.png

Common Platform Enumeration, see https://web.archive.org/web/20210422160307/https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf for more details

Created

When the finding object was first created. Counted from when a scan first resulted in this finding or when the Appsec team pushed it.

Created by

Who created it:

  • System if it was from a scan

  • Appsec team if they created it

Created by ID

Portal_Informational_Findings_Portal_CreatedById.png

ID of the account that created the port.

Customer ID

Portal_Informational_Findings_Ports_CustomerId.png

ID of the customer.

EOL (End of Life)

Portal_Informational_Findings_Products_EOL.png

The timestamp when the product goes EOL.

First scan ID

ID of the scanlog entry this product was first found in.

First seen

Date shows when the product was first discovered on a specific asset during recurring scans. When not found in a scan, the first seen date resets.

ID

Unique identifier of the product.

Last scan ID

This is the last (latest) scan this product was found in.

Last seen

Date shows when the product was last seen on a specific asset. Checks if the product is present in recurring scans. If it is not found in one scan, the last seen date resets.

Match IDs

Reference ID to the scanners raw data output that the product is generated from and contains in depth information such as vhost, port, pattern, url, product versions, and so on.

Name

Portal_Informational_Findings_Products_Name.png

Name of the product.

Port names

Portal_Informational_Findings_PortNames.png

List of all port names.

Port protocols

Portal_Informational_Findings_PortProtocols.png

List of all port protocols.

Ports

Displays the ports which the product was found on. Hovering mouse on the port chip displays the port number and protocol as tool-tip.

Portal_Fidnings_Ports.png

Number filter is applicable on the column.

Seen last scan

Boolean value that shows if the product was detected during the last scan of the linked asset.

Source

Which source scanner or product type does the product originate from.

Status

Indicates the different statuses for a product. Can be marked as:

  • False Positive - The scanner is finding a risk that has been marked by someone to be a false positive and is not supposed to pick up on.

  • Present - (Default) Shows that a Product is present after scanning

Tags

Displays the available tags associated with the product.

Type

PRODUCT

The type of informational finding

Updated

Timestamp of when the product was last updated at all for any reason, system- or user-initiated.

Updated by

Who did the last updating action, system, user, or AppSec team and so on.

Updated by ID

Portal_Informational_Findings_Ports_UpdatedById.png

ID of the account that did the last updating cation

Version

Portal_Informational_Findings_Products_Version.png

The version of the product that was detected



Copyright

© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close