About
The Findings Page is designed to efficiently manage, prioritize, and remediate vulnerabilities from an instance-focused perspective.
Unlike the Vulnerabilities Page, which presents a list of unique vulnerabilities (grouped by type or category), the Findings Page provides a detailed list of vulnerability instances.
Each item (each row) on the Findings Page represents a specific vulnerability occurrence on an individual asset, offering granular visibility into how vulnerabilities are distributed across your environment.
ֿThis instance-based view allows you to precisely track vulnerabilities, making it easier to take targeted actions directly related to the affected assets.
What you can do on the Findings page
Glance at key finding details
View all vulnerability instances (Findings) directly associated with their impacted assets.
Each row in the main view represents an occurrence of a vulnerability on a specific asset.
Each row consolidates all relevant information—like risk score, instance status, and suggested fixes—into one place for easier tracking and decision-making.
Filter and narrow results
Use the Filter button to refine your view and focus on what matters most.
Narrow down results based on Business Groups, Asset Types, Risk Levels, or other custom criteria to prioritize vulnerabilities effectively.
Explore finding details
The Findings page allows you to investigate detailed information about each vulnerability instance (Finding).
Click on a finding to open a dedicated, detailed view where you can:
Review risk
Risk Score: Risk displayed with a severity indicator (e.g., red for critical).
First Seen and Last Seen: Track when the vulnerability was initially and most recently detected.
SLA Status: Check how long the vulnerability has exceeded its SLA timeframe, providing insight into remediation urgency.
Source: Identify the tool or integration that reported the vulnerability.
Understand the instance
Name and description: Review a comprehensive vulnerability description, including specific code references or impacted processes (e.g., file names, methods, or attack vectors).
CVE details: Access associated CVE numbers, publish dates, and other metadata for deeper analysis.
Publish Date: See the exact date the vulnerability was officially disclosed by trusted CVE sources, giving you insight into how long it has been publicly known.
Attack Vector: Understand the type of attack associated with the vulnerability, such as OWASP categories, injection types, or exploitation methods.
Link to more vulnerability instance details: Click the hyperlinked vulnerability name to access its complete information, including affected assets and business groups, linked Asset Tags, and much more.
To access the full unique vulnerability details, click Open full details.
Inspect impacted assets
See detailed information about the asset affected by the vulnerability.
Asset name: Review the specific asset name to correlate findings with your environment.
Asset type: Identify whether it's a host, code project, or other asset type.
Created and Last Seen: Track when the asset was created and most recently detected.
Technical identification details: Review the asset's IP address, OS, and MAC address (if available).
Tags: View all tags associated with the asset, including business context and technical classifications.
Business Groups: Determine which business groups the asset belongs to for better remediation prioritization.
Link to more asset details: Click the hyperlinked asset name to access its details, including related business groups, Tags, and much more.
To access the full asset details, click Open full details.
Review available fixes
Navigate to the Fixes tab to view one or more remediation recommendations for the finding. Each fix includes:
Suggested actions to resolve the vulnerability.
Indications for other instances will be automatically fixed once this one is fixed.
Take immediate Action
The Take Action button enables you to address vulnerabilities directly from the Findings Page, whether you're working on a single finding or multiple findings at once:
For Individual Findings: Click the Take Action button directly within a specific finding's detailed view to manage it.
For Multiple Findings: Use the main Findings Page checkboxes to select multiple findings, then click Take Action to perform bulk actions—saving time and streamlining your workflow.
With the Take Action button, you can:
Create Tickets:
Generate remediation tickets via email or through integrated ticketing tools such as Jira, ServiceNow, or Azure Boards.
Share Details:
Share findings seamlessly through email or integrated collaboration tools like Slack or Microsoft Teams, ensuring team members are informed and aligned.
Create Exceptions:
Leverage the Vulcan Platform's Exception Request flow to apply your organization's risk-acceptance policies. This feature allows users to:
Submit exception requests for specific vulnerabilities included in remediation tickets.
Trigger the approval workflow automatically upon submission, as outlined in the platform's documentation.
Export data for analysis
The Export Data button makes it easy to download findings in CSV or Excel for sharing or offline analysis. Here's how you can use this feature:
Default export: By default, the exported file includes fixed key columns, such as vulnerability name, asset name, risk score, and more.
Customize your export: You can choose which columns to include.
Search and organize your Findings
Quickly locate specific vulnerabilities or findings using the Search by Name field.
Search anything using an embedded AI search engine.
Organize your view by customizing the table layout using the column selector, ensuring you have visibility into the information most relevant to you.
