Understanding Vulnerability Scanning results

It's essential not only to identify vulnerabilities in your attack surface but also to provide you with the most effective information to resolve these issues. Depending on the severity of the vulnerability, you might want to address it directly once a vulnerability is detected by ReConfirm.

All identified vulnerabilities can be found under the "Vulnerabilities" section in the ReConfirm tool. Each finding is assigned a severity level based on its CVSS score or potential technical impact if no CVSS score is available.

To view the results, simply click on the "view" button of the latest scan within the vulnerabilities page. Here, you’ll find three cards:

Details:
This section provides a comprehensive overview of the vulnerability, including information such as the vulnerability type, location, and potential impact. It gives you a clear understanding of what the issue is and where it was found, helping you assess its relevance to your system. The details include specific data points to help you prioritise the vulnerability effectively.

Results:
Under this card, you’ll find the technical findings from the scan. It includes the raw data and insights gathered during the scan process, such as payloads used, affected endpoints, or any additional evidence collected. This detailed output allows you to dive deep into the scan results, helping you understand the full scope of the vulnerability and how it was discovered.

Mitigation:
The Mitigation card offers actionable guidance on how to address and resolve the identified vulnerability. It outlines recommended steps and best practices to remediate the issue, tailored to the specific context of the finding. By providing clear instructions, this section helps you quickly implement fixes to secure your environment.

You can export selected findings in CSV, TXT, or XML format to share with colleagues, partners, or clients, or send them directly through email with a personalised message.