π Reading Your Results
The platform provides continuous visibility into detected vulnerabilities.
Findings are updated in real time as scans run across your assets, so you can monitor, prioritize, and remediate issues progressively.
1. Vulnerabilities Pageβ
The Vulnerabilities list provides a global overview of all findings across your tested assets.
π Key Columnsβ
- Name: Title/description of the vulnerability.
- Target: Domain, application, or system where the issue was found.
- Vulnerabilities: Severity badges with counts of affected endpoints (e.g.,
HIGH: 3,INFO: 2). - Created At: Date when the vulnerability was first detected.
π― How to use itβ
- Quickly identify which targets and endpoints have the most critical issues.
- Sort by severity to prioritize remediation efforts.
- Export vulnerabilities if needed for reporting or offline analysis.
2. Detailed Vulnerability Pageβ
Clicking on a vulnerability opens its dedicated page with full context.
π Sectionsβ
-
Header summary
Displays the main information at a glance:- Vulnerability name
- Severity level (e.g., High, Critical)
- Affected target
- Number of impacted endpoints
-
Business Risks
Explains the organizational impact of the vulnerability:- Potential financial loss
- Legal/regulatory exposure
- Brand reputation damage
-
Non-Technical Description
A simplified explanation of the issue, written for non-technical stakeholders.
Example: βSensitive information can be seen by someone who should not have access, similar to leaving confidential documents on a desk in plain sight.β -
Technical Description
A deeper explanation for security and development teams, including:- Root cause of the vulnerability
- Code examples
- Misconfigurations or bad practices
-
Recommendations
Concrete remediation guidance:- Security best practices
- Configuration changes
- Code-level fixes
-
References
Links to standards and documentation:- OWASP guidelines
- CVE entries
- Vendor advisories
-
Vulnerable Endpoints Table
Provides granular details about each affected endpoint:-
Severity
Risk level of the finding (Info, Low, Medium, High, Critical).
Helps prioritize fixes. -
HTTP Method
The HTTP verb used in the request (GET, POST, PUT, DELETE, etc.).
Indicates how the vulnerability can be triggered. -
Endpoint URL
The specific URL or resource where the vulnerability was detected. -
Confidence level
The reliability of the detection (e.g. High = confirmed, Medium: probably, Low = potential). -
Impact level
How severe the consequences could be if exploited. -
Probability level
Likelihood of exploitation by an attacker (Low, Medium, High). -
Status
Current remediation state of the endpoint.
Useful for tracking vulnerability lifecycle.
-
π― How to use itβ
- Share the Business/Non-Technical description with managers.
- Use the Technical description and Recommendations for your engineering/security teams.
- Track remediation by monitoring the status of vulnerable endpoints.
3. Reproduction Data per Endpointβ
For each vulnerable endpoint, you can view detailed reproduction steps.
π Data Availableβ
- Endpoint URL: the affected resource.
- Reproduction command: ready-to-use
curlor HTTP request for testing the issue. - Input: parameters or payloads that triggered the vulnerability.
- Output: server response showing evidence of the issue (e.g., leaked data, error messages).
π― How to use itβ
- Developers can reproduce the vulnerability locally to confirm it.
- Security teams can validate the exploitability and assess the risk.
- Use this section as proof-of-concept for reporting and fixing issues.
β Best Practicesβ
- Start from the Vulnerabilities list β identify critical issues first.
- Dive into the detailed page β understand risk and remediation.
- Use reproduction data β confirm and validate before applying fixes.
- Update & retest β after remediation, rerun scans to confirm closure.