Vulnerabilities

^{Last Updated:}^2025-11-26

Purpose

This article provides users with an overview of Findings.

Introduction

In Outpost24, the Vulnerabilities feature provides detailed insights into potential security risks identified during assessments of target assets. These findings encompass a range of issues, from general security best practices that reduce the attack surface to confirmed exploitable vulnerabilities. Each finding includes a classification, a risk score, and comprehensive information detailing the nature of the vulnerability, the rationale behind its detection, and potential exploitation methods. Additionally, actionable remediation steps are provided to mitigate the identified risks effectively. This feature is essential for organizations aiming to enhance their security posture by systematically addressing and resolving vulnerabilities within their infrastructure.

Requirements

It is assumed that the reader has basic access to the OUTSCAN™/HIAB account with Appsec subscription.

The Findings view is visible without an Appsec subscription, but the view will be empty and you will not be able populate the view.

Findings

In Findings > Vulnerability, the vulnerabilities that are identified during a scan are listed.

When clicking on a finding, a details view are displayed on the right side of the window.

Details

Overview

The Details section provides a comprehensive risk profile of a vulnerability by combining four critical data sets to drive effective remediation. It establishes the vulnerability's foundational information (Name, Description, and Solution) alongside standard identifiers (CVE and CWE) for the affected Asset. The section displays multiple scoring perspectives, including CVSS scores for theoretical severity, countered by predictive Farsight and EPSS scores which assess the real-world likelihood of exploitation. Finally, it incorporates Active Threat Intelligence, showing counts of related Exploits, Malware, and Campaigns to determine the immediate patching urgency.

The Details tab presents the description of the selected finding along with its solution. The first section shows the Farsight, EPSS, and CVSS scores in a boxed layout, accompanied by the solution, description, match details, and other relevant information. The second section expands to reveal more in-depth data about Farsight, EPSS, and CVSS. The third section focuses on the specific details of the finding itself. Finally, the Secure Code Warrior section offers additional context or guidance related to secure coding practices.

Vulnerability Catalog - Field Reference

The following table describes all available fields in the vulnerability details catalog. These fields provide complete context for understanding, prioritizing, and remediating vulnerabilities.

Option	Description
Name	The official title or common name of the vulnerability, for example, Microsoft Windows Server Remote Code Execution Vulnerability.
Description	A detailed text explanation of the vulnerability, the mechanism of the attack, and its potential impact on the system.
Solution	A high-level summary of the recommended action to remediate the vulnerability.
Solution Patches	A list of specific software updates or Knowledge Base (KB) articles required to fix the vulnerability, for example, KB4567890.
Match	The criteria used by the security scanner or system to confirm the presence of the vulnerability on the target host.
Asset	The name, IP address, or identifier of the specific system/host where the vulnerability was found.
Tags	Custom or internal labels used for categorization or organization, for example, Critical Asset, DMZ, PCI Scope.
Last seen	The most recent date this vulnerability was successfully detected on the scanned asset.
First seen	The earliest date this vulnerability was detected on the scanned asset.
Updated	The last time this vulnerability record or its related threat intelligence was modified or refreshed in the database.
Farsight	An internal, machine-learning-driven score representing the predicted Likelihood/Risk of exploitation, used for prioritization.
Trend (Last Month)	A metric showing the change in the vulnerability's prevalence or activity over the last 30 days.
Last threat activity	The most recent date when any threat intelligence (Exploit, Malware, etc.) related to this vulnerability was observed.
CVSS v3 Score	The numerical severity rating based on the Common Vulnerability Scoring System, Version 3.
CVSS v2 Score	The numerical severity rating based on the Common Vulnerability Scoring System, Version 2.
Severity (Qualitative)	The descriptive risk level (Critical, High, Medium, Low) derived from the numerical CVSS score.
CVSS v3/v2 Metrics	A list of all base vector parameters (or example, Attack Vector, Confidentiality Impact) used to calculate the CVSS score.
EPSS	The Exploit Prediction Scoring System score, indicating the probability of exploitation in the wild within 30 days.
CVE	The unique identifier (Common Vulnerabilities and Exposures) for the vulnerability.
CWE	The Common Weakness Enumeration ID, classifying the underlying programming flaw.
CAPEC	The Common Attack Pattern Enumeration and Classification codes related to the exploit methods.
OWASP Top 10	A reference to the category within the OWASP Top 10 list of web application security risks.
SANS Top 25	The ranking or category reference within the SANS/CWE Top 25 Most Dangerous Software Errors.
Campaigns	A count of known or active cyber attack campaigns leveraging this vulnerability.
Exploits	A count of publicly available exploit code or proofs-of-concept for this vulnerability.
Malware	A count of specific malware families known to use this vulnerability.
Threat Actors	A count of recognized threat groups or actors targeting this vulnerability.
Tools	A count of offensive security tools or scanners that include a module for this vulnerability.
Secure Code Warrior	A platform that trains developers on secure coding practices to prevent vulnerabilities.

Farsight - Likelihood Scoring

The Likelihood feature in Outpost24® Farsight provides an easier way to address vulnerabilities that are relevant and may impact an organization irrespective of the CVSS score or the presence of an exploit for a vulnerability.

By focusing on the likelihood, you are mitigating vulnerabilities that, based on the machine learning model, are predicting an increased risk even though it may not currently be exploited.

Risk classification of assets serves a purpose and should be conducted to further distinguish where to focus most efforts. This task can be time-consuming and may not produce viable results in the first couple of iterations. Farsight enables you to filter out some unlikely vulnerabilities with little to no prior knowledge about the vulnerabilities or assets, getting you on track with your vulnerability program faster.

Risk Score - Likelihood

Likelihood is a risk indicator that shows how many times more likely a vulnerability is to be exploited compared to average, where approximately 95% of all vulnerabilities are never exploited. This is displayed in the Likelihood column in the Findings view. The value can go from 1 to 100, where 100 is the equivalent of saying it will be (or has been already) exploited in the wild in the next 12 months. The benefit to the customer is the ability to drive a more aggressive risk-based remediation, focusing on even fewer vulnerabilities that reach a particular likelihood.  It is also worth noting that any vulnerability already exploited in the wild will have the risk value of 100 as it has been exploited already.

Since risk score is machine learning driven, several factors affect the risk rating, which can decrease and increase based on activity in the wild.

Option	Description
Score	A risk indicator that shows how much more likely a vulnerability is to be exploited compared to average. The risk indicator presents the likelihood values in an 0-100% (0-1) format.
Delta	The difference between the current and the former likelihood values.
Update date	The date when the Delta value changed.
Threat activity	The last time the threat activity was detected by the watcher community.

Solution

The solution section provides an actionable advice on how to remediate the vulnerability as well as detailed information about the context of the vulnerability where it was found.

Solution Patches

The Solution Patches card shows a patch number recommended to remediate the vulnerability that was found. This is the same patch as the one that can be found in the Solution Patch column.

Description

A detailed explanation of the finding with information about the nature of the vulnerability and its potential impact on the affected system.

CVSS Score

The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation such as Low, Medium, High, and Critical to help organizations properly assess and prioritize their vulnerability management processes.^[1]

In the solution field, both CVSS v2 and CVSS v3 base scores are displayed. If a Environmental vector exists, it is displayed as a second section with metrics and the score is adjusted.

Both CVSS score fields are collapsible by clicking the down arrow in the upper right corner.

Classifications

A list of references to widely recognized vulnerability categorization values.

CWE™

Common Weakness Enumeration (CWE™) is a community-developed list of common software and hardware weaknesses that have security ramifications. A weakness is a condition in a software, firmware, hardware, or service component that, under certain circumstances, could contribute to the introduction of vulnerabilities.^[2]

CAPEC™

Common Attack Pattern Enumerations and Classifications (CAPEC™) is a catalog of known cyber security attack patterns used to prevent attacks.^[3]

OWASP

The Open Worldwide Application Security Project (OWASP) Top 10 is a standard awareness document for developers and web application security, and represents a broad consensus about what the most critical web application security flaws are. ^[4]

OWASP API refers to OWASP’s focus on the security of Application Programming Interfaces (APIs) specifically, the vulnerabilities, risks, and protection techniques related to APIs that modern apps, for example, mobile apps, web apps, cloud services, IoT rely on.

OWASP Mobile refers to a collection of projects and resources from OWASP specifically focused on securing mobile applications such as apps running on Android, iOS, and similar mobile operating systems.

SANS Top 25

The SANS value shows the vulnerability score in the 2023 CWE™ Top 25 Most Dangerous Software Weaknesses.

Finding detail

The detail of finding with name, assets, updated time, mentions and tags

Exploits details

Shows if there are any known public exploits from various sources.

Option	Description
Name	The name of the CVE identifier which is an alphanumeric string that identifies a Publicly Disclosed vulnerability.
Description	Description of the vulnerability.
URL	A link to more information of the exploit in the source.

Comments

The Comments tab enables you to post comments on findings, as well as sending messages to the Outpost24® Appsec team for review and response about the selected vulnerability.

Discussions about a finding are normally customer-internal. Only when eligible (via associated subscription) may a dialog between customer and the Outpost24 AppSec team be initiated.

Starting a Discussion

You can start a discussion about a finding:

Select a finding.
Click the Comments tab on the right side. The Comments tab shows all your ongoing discussions.
Add a new comment and click the blue Start Discussion button.
To reply to a discussion, enter your reply on the Reply to conversation line and click the blue Reply button.

Starting a Discussion with the Outpost24 AppSec Team

You can start a discussion about the findings with the Outpost24 AppSec Team for review and response.

Select a finding.
Click the Comments tab on the right side. The Comments tab shows all your ongoing discussions.
Toggle the Start a discussion with Outpost24 switch.

The Start a discussion with Outpost24 toggle is displayed if and when the underlying finding is eligible.

Add a new comment and click the blue Start Discussion button.
The comment is sent to the Outpost 24 AppSec team.
To reply to an ongoing discussion, enter your reply on the Reply to conversation line and click the blue Reply button.

When discussing with an Outpost 24 AppSec representative, the discussion card is marked clearly with a blue sign in the top left corner of the discussion card.

Deleting a Single Comment

To delete a comment in a discussion, click on the delete icon to the right. This removes the comment from the discussion.

The deleted comment is marked with the text "This message has been deleted".

You can only delete your own comments.

Deleting a Discussion Tree

To delete the entire discussion tree, click on the delete icon to the right on the first line in the card. This removes all conversation in the card.

The deleted discussion and all replies is marked with the text "This message has been deleted".

Removing the top discussion will remove all the following replies in that discussion recursively.

If no comment is given, a default message/comment stating “Transitioned finding status from <original status> to <new status> without user's comment." is saved as a activity log to assist with the reviewing of the finding’s history.

The customer can also transition non-SWAT findings from other status like FALSE_POSITIVE, FIXED or ACCEPTED.

Example:

Portal_Finding_Vulnerability_Accept_Risk_No_Comment.png

Starting discussions with the Outpost24® Appsec team requires an active Appsec subscription.

To access existing comments, enable the comments column and click on the comment icon to quickly launch the comments window.

Manage Findings

Select one or more findings, and choose one of the actions that is displayed on the bottom bar:

Right-clicking a finding or a selected group of findings opens a menu where the same tasks can be performed.

The possible user actions are:

Start watching finding starts keeping track of notifications for the selected finding.
Stop watching finding stops keeping track of notifications for the selected finding.
Create risk score risk quick create notification for CVE score change.
Edit tags adds a tag to the selected finding. See Tags for more information.
Generate report generate a report.
Mark as fixed updates the status of that finding as fixed.
Unmark as fixed reverts the status of that finding to not fixed.
Request clarification requests clarification of an unclear finding from the OP24 technical service team.
Request verification adds a comment and send to the technical service team for verification regarding that finding.
Change severity changes the CVSS v3 severity of that finding.
Change vector changes the CVSS v3 vector of that finding.
Accept risk accepts the risk. You can also select a date and add comment.
Unaccept risk reverts the accepted risk status of that finding.
Send to sends the vulnerability information via email to a list of predetermined users or email addresses.
Mark as false positive marks a finding as a false positive.
Unmark false positive reverts a finding as a false positive.

Columns

By clicking the Column bar next to the Main Menu, you expand the column list available to Findings. Select any Column to view in the main window.

Select a specific column to know that information about a finding. All selected columns are displayed in the Findings tab. The available options are described below.

Option	Format	Description
Accepted		Time since when finding transitioned from present to accepted. If a finding cannot be mitigated right away, that finding can be accepted so that it will not be picked up by the tool every time a scan runs.
Accepted comment		Comment when accepting a finding
Accepted until		Time until when findings acceptance ends. The finding can be accepted for ever or for a short period of time. It is customizable to what ever period of time is needed, if the finding cannot be mitigated right away.
Active subscriptions		The Active subscription column indicates which currently active subscriptions are associated with the asset.
Age		Shows how old the vulnerability is in regards to when then it was first discovered in a scan.
Alternative recreation		See Recreation
Asset group IDs		Group IDs attached to Asset that the Finding belongs to.
Asset ID		The unique identifier of the Asset the Finding belongs to.
Asset name		Name of the asset associated to the finding. Could consist of among others: FQDN IP-address Agent ID Container image name
Attachment IDs		List of IDs to files such as screenshots or text files attached to the finding uploaded by the Appsec team.
BugTraq		Bugtraq ID of the vulnerability.
CAPEC		Common Attack Pattern Enumerations and Classifications (CAPEC™) is a catalog of known cyber security attack patterns used to prevent attacks. Same information as in the Detailed tab.
Check ID		The rule ID that triggered the finding.
Comments		Number of comments associated to the finding.
Created		When the finding object was first created. Counted from when a scan first resulted in this finding or when the Appsec team pushed it.
Created by		Who created it: System if it was from a scan Appsec team if they created it
Custom BugTraq		Configurable BugTraq field to “override” the default values set based on what is found in the scan.
Custom CVE		Configurable CVE field to “override” the default values set based on what is found in the scan.
Custom CVSS v2 vector		Configurable CVSS v2 severity field to “override” the default values set based on what is found in the scan.
Custom CVSS v2 severity		Custom CVSS v2 vector field that’s used exclusively during migration from Netsec Classic to preserve user defined values.
Custom CVSS v3 vector		Configurable CVSS v3 vector field to “override” the default values set based on what is found in the scan.
Custom CVSS v3 severity		Configurable CVSS v3 severity field to “override” the default values set based on what is found in the scan.
Custom CWE		Configurable CWE field to “override” the default values set based on what is found in the scan.
Custom description		Configurable Description field to “override” the default values set based on what is found in the scan.
Custom name		Configurable Name field to “override” the default values set based on what is found in the scan.
Custom solution		Configurable Solution field to “override” the default values set based on what is found in the scan.
CVE		Common Vulnerabilities and Exposures (CVE) entry of the vulnerability. CVE is a list of publicly disclosed computer security flaws that's been assigned a CVE ID number. Same information as in the Detailed tab.
CVSS score	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0 UNKNOWN	The CVSS score is a numerical value that quantifies the severity of a security vulnerability. It consists of three main components: the Base Score (intrinsic severity), the Temporal Score (current risk), the Environmental Score (customized based on an organization's environment). The Base Score ranges from 0.0 to 10.0 and is determined by assessing various metrics. The CVSS score column combines score from both CVSS v2 and CVSS v3 where v3 have priority. However, when v3 is not available, v2 is shown. The CVSS score is shown as default, but previous CVSS-specific columns are still available.
CVSS Severity	The format is based on a combination of CVSS V2 and V3 Severities. Note that a 9.5 score in V2 may result in only a HIGH mark in severity if V3 values is not available.	CVSS severity is a qualitative assessment of the overall seriousness of a security vulnerability based on its CVSS Base Score. The severity levels range from "RECOMMENDATION" to "CRITICAL" . These levels help to quickly understand the potential risk posed by a vulnerability and prioritize the response efforts accordingly. However, organizations should also consider their specific context when assessing and addressing vulnerabilities. The CVSS Severity is a coalesced value on the different CVSS versions (currently version 2 and 3) with the higher version taking priority.
CVSS v2 base score	HIGH 7.0-10.0 MEDIUM 4.0-6.9 LOW 0.0-3.9 RECOMMENDATION	The CVSS v2 Base Score is a numerical value that quantifies the intrinsic severity of a security vulnerability. It is calculated based on various metrics like how the vulnerability can be exploited, based on Access Complexity (AC), Authentication (AU) requirements, and the potential Confidentiality Impact (C), Integrity (I), and Availability Impact (AI). The score ranges from 0.0 (LOW severity) to 10.0 (HIGH severity).
CVSS v2 environmental score	HIGH 7.0-10.0 MEDIUM 4.0-6.9 LOW 0.0-3.9	CVSS v2 Environmental Score represents the characteristics of a vulnerability that are relevant and unique to a particular environment. It takes into account factors such as the importance of Confidentiality Requirement (CR), Integrity Requirement (IR), and Availability Requirement (AR) for the affected asset, as well as adjustments based on an organization's security controls and configurations.
CVSS v2 score	HIGH 7.0-10.0 MEDIUM 4.0-6.9 LOW 0.0-3.9 RECOMMENDATION	The CVSS v2 score is a numerical value used to assess the severity of a security vulnerability. It consists of three main components Base Score which quantifies the vulnerability's intrinsic severity ranging from 0.0 to 10.0. Temporal Score (optional) that considers temporal factors like exploitability, patch availability, and report confidence to assess the current risk associated with the vulnerability. Environmental Score (optional) component that allows organizations to customize the score based on their specific environment, considering factors like asset importance and security controls.
CVSS v2 severity	HIGH 7.0-10.0 MEDIUM 4.0-6.9 LOW 0.0-3.9 RECOMMENDATION	CVSS v2 severity is a qualitative assessment of the overall seriousness of a security vulnerability. It categorizes vulnerabilities into levels like Low, Medium, High, or Critical to provide a quick understanding of the risk they pose. The Base Score quantifies the intrinsic severity of the vulnerability based on various metrics such as
CVSS v2 temporal score	HIGH 7.0-10.0 MEDIUM 4.0-6.9 LOW 0.0-3.9	CVSS v2 Temporal Score represents the characteristics of a vulnerability that change over time but not among user environments. These characteristics include the likelihood of Exploitation (E), the availability of fixes or workarounds Remediation Level (RL), and the Report Confidence (RC) level in the vulnerability report. The Temporal Score is used to understand the real-world impact and urgency of addressing a vulnerability at a given time.
CVSS v2 vector		The CVSS v2 vector is a textual representation used to describe the key characteristics of a security vulnerability. It consists of metrics and values that assess factors like how the vulnerability can be accessed, its complexity, authentication requirements, and the potential impact on data confidentiality, integrity, and availability. This vector string is used to calculate the CVSS v2 Base Score, which quantifies the vulnerability's intrinsic severity, and it serves as a standardized way to communicate detailed information about the vulnerability's attributes.
CVSS v3 base score	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0 UNKNOWN	The CVSS v3 Base Score represents the intrinsic severity of a security vulnerability. It is determined by assessing metrics such as Attack Vector (AV), Attack Complexity (AC), Privileges Required (PR), User Interaction (Ui), Scope (S), and impact on Confidentiality (C), Integrity (I), and Availability (A). The Base Score does not consider specific environment or mitigating factors. CVSS v3 combines these metrics to calculate the Base Score, which provides a standardized way to understand the severity of a vulnerability. The score is then used to prioritize their vulnerability management efforts.
CVSS v3 environmental score	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0 UNKNOWN	The CVSS v3 Environmental Score is bases of an organization's specific circumstances when assessing the severity of a vulnerability. The Environmental Score considers factors like confidentiality, integrity, and availability requirements, as well as an organization's security controls and configurations. It provides a customized risk assessment for a vulnerability within a specific organizational context, helping to prioritize response efforts accordingly.
CVSS v3 score	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0 UNKNOWN	The CVSS v3 score is a numerical value that quantifies the severity of a security vulnerability. It consists of three main components: the Base Score (intrinsic severity), the Temporal Score (current risk), the Environmental Score (customized based on an organization's environment). The Base Score ranges from 0.0 to 10.0 and is determined by assessing various metrics.
CVSS v3 severity	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0	CVSS v3 severity is a qualitative assessment of the overall seriousness of a security vulnerability based on its CVSS Base Score. The severity levels range from "RECOMMENDATION" to "CRITICAL" . These levels help to quickly understand the potential risk posed by a vulnerability and prioritize the response efforts accordingly. However, organizations should also consider their specific context when assessing and addressing vulnerabilities.
CVSS v3 temporal score	CRITICAL - 9.0-10.0 HIGH - 7.0-8.9 MEDIUM - 4.0-6.9 LOW - 0.1-3.9 RECOMMENDATION - 0	The CVSS v3 Temporal Score is used to assess the current risk of a security vulnerability. It considers factors like the likelihood of Exploitability (E), Remediation Level (RL), and Report Confidence (RC) . By adjusting the Base Score with these temporal factors, organizations can better understand the urgency and real-world impact of a vulnerability, helping to prioritize response efforts effectively.
CVSS v3 vector		The CVSS v3 vector is a text-based representation that encodes key details about a security vulnerability. It includes fields for Base metrics, Temporal metrics , and Environmental metrics. These metrics describe attributes like how the vulnerability can be accessed, its exploitability, the availability of fixes, and more. The CVSS v3 vector is used to calculate the CVSS scores
CWE		Common Weakness Enumeration (CWE™) is a list of common software and hardware weaknesses that have security ramifications. Same information as in the Detailed tab.
Description		Detailed explanation of the finding with information about the nature of the vulnerability and its potential impact on the affected system. Same as in Details tab.
EPSS score		The Exploit Prediction Scoring System (EPSS) score estimates the probability that a vulnerability will be exploited in the wild within the next 30 days
EPSS score delta		This metric shows the change in EPSS score compared to the previous evaluation period
Exploits details		Indicates whether known exploits exist for the vulnerability
Enabled		The `enabled` field is a boolean flag, filterable and non-editable. It takes value from the finding’s asset.
Exploits available		Determines if there is a publicly available exploit present for this vulnerability.
False positive		Shows if the vulnerability has been marked as a false positive. A false positive refers to a situation where a system or tool incorrectly identifies something as a problem or issue when it is not. False positives can lead to wasted resources and may require efforts to reduce their occurrence for better accuracy in automated systems and processes.
False positive comment		Comments left when identifying a false positive.
First scan ID		ID of the scanlog entry this finding was first found in.
First seen		Date shows when the finding was first discovered on a specific asset during recurring scans. When not found in a scan, the first seen date resets.
Fixed		Timestamp of when the finding was marked as fixed by the customer or the Appsec team.
ID		Unique identifier of the finding.
Impact		Describes the potential impact of the identified vulnerability. Same information as in the Detailed tab.
Is accepted		Whether the finding has been marked as an accepted risk or not, since the launch of the status field.
Last scan ID		This is the last (latest) scan this finding was found in.
Last seen		Date shows when the finding was last seen on a specific asset. Checks if the finding is present in recurring scans. If it is not found in one scan, the last seen date resets.
Match IDs		Reference ID to the scanners raw data output that the finding is generated from and contains in depth information such as vhost, port, pattern, url, product versions, and so on.
Name		The name of the vulnerability.
OWASP 2004		OWASP (Open Worldwide Application Security Project) Top 10 is a standard awareness document for developers and web application security, and represents a broad consensus about what the most critical web application security flaws are. Each year represent an update to OWASP API refers to OWASP’s focus on the security of Application Programming Interfaces (APIs) — specifically, the vulnerabilities, risks, and protection techniques related to APIs that modern apps, for example, mobile apps, web apps, cloud services, IoT rely on. OWASP Mobile refers to a collection of projects and resources from OWASP specifically focused on securing mobile applications such as apps running on Android, iOS, and similar mobile operating systems. Each column presents the numerical value shown in the Detailed tab.
OWASP 2007
OWASP 2010
OWASP 2013
OWASP 2017
OWASP 2021
OWASP API 2023
OWASP Mobile 2024
Ports		Displays ports the finding is found on. Hovering mouse on the port chip displays the port number and protocol as tool-tip. Number filter is applicable on the column.
Potential		Flags if this finding has been marked as a potential false positive by customer or Appsec team.
Recreation		Shows the information on how to recreate the identified vulnerability. Same information as in the Detailed tab.
SANS 25		The SANS value shows the vulnerability score
KEV		The Kev value show the Known Exploited Vulnerabilities
Seen last scan		Boolean value that shows if the finding was detected during the last scan of the linked asset.
Sent to		Lists the email addresses to which the vulnerability information has been sent.
Solution		The Solution column provides an actionable advice how to remediate the vulnerability as well as detailed information about the context of the vulnerability where it was found.
Solution Patches		The Solution Patches column provides an patch number to remediate the vulnerability that was found.
Solution product		Identifies the affected product or software solution.
Solution title		Provides a concise title for the solution or patch.
Solution type		Categorizes the type of solution (e.g., patch, update).
Solution UUID		Universally Unique Identifier for tracking the solution.
Source		Which source scanner or product type does the finding originate from.
Status		Indicates the different statuses for a finding. Can be marked as: Accepted - Displays if the risk is accepted or not False Positive - The scanner is finding a risk that has been marked by someone to be a false positive and is not supposed to pick up on. Fixed - Shows if the vulnerability has been marked as fixed. Irreproducible - AppSec not able to reproduce finding Pending Verification - Shows if there is any pending verification request Present - (Default) Shows that a Finding is present after scanning
Status verified		Boolean value that is Yes (checkmark) if an APPSEC/OFFSEC finding was marked as FIXED by a GhostLabs consultant and No (blank) by a customer user.
Tags		Displays the available tags associated with the finding.
Updated		Timestamp of when the finding was last updated at all for any reason, system- or user-initiated.
Updated by		Who did the last updating action, system, user, or AppSec team and so on.
Watching		Indicates that there is a Notification associated with this finding. See Notification Settings for more information.

Filtering

The vulnerability findings can be filtered by Asset groups & Assets by expanding the filter menu.

To expand the filter menu, open Findings and then Vulnerabilities.
Open the Asset groups & Assets by clicking on the assets icon.
In the menu there are two areas, Asset groups and Assets are separated in two areas.
When selecting an Asset group, the vulnerabilities are filtered to cover only those vulnerabilities associated with the selected assets and a bar at the bottom of the panel appears with the option of report export.
When selecting an asset, Asset group is automatically deselected and vice versa. This also updates the filtered vulnerabilities according to selection.
The "You don't have access to this section." error message in Asset groups area indicates that the user lacks the required permissions to see Asset groups.