Alerts for positive attack surface test results

Cortex Xpanse Expander User Guide

Product: Cortex XPANSE
Version: 2
Creation date: 2024-12-02
Last date published: 2026-05-03
Category: User Guide
Solution: SaaS
Abstract

Confirmed positive Attack Surface Testing (AST) results automatically generate alerts.

Confirmed positive Attack Surface Testing (AST) results, including both CVE and non-CVE findings, automatically generate alerts, enabling you to formally prioritize, track, and resolve positive AST results as part of your remediation workflow.

Confirmed positive AST results generate alerts automatically through the Attack Surface Rules (ASRs) listed in the following table. These ASRs are enabled by default.

Attack Surface Rule: Confirmed Exploits
  Default Severity: Critical
  Description: Creates alerts for test results that confirm a successful exploit against a known CVE on an active asset. Confirmed exploits pose a critical risk because they prove that a technical weakness can be leveraged to gain unauthorized access, execute remote code, or escalate privileges.

Attack Surface Rule: API Security
  Default Severity: Critical
  Description: Creates alerts for critical vulnerabilities identified during testing of API endpoints, specifically targeting logic weaknesses and insecure authentication schemas. Because APIs serve as the primary gateway to sensitive backend data, these represent a direct path for unauthorized data exfiltration and potential lateral movement.

Attack Surface Rule: Credential Testing
  Default Severity: High
  Description: Creates alerts for test results that identify system misconfigurations, which are settings that could lead to data leaks or exploitation. Attackers leverage public documentation and automated tools to identify these predictable entry points, which can lead to full system compromise.

Attack Surface Rule: Misconfiguration Testing
  Default Severity: High
  Description: Creates alerts for test results that identify system misconfigurations, which are settings that could lead to data leaks or exploitation. These tests cover a broad spectrum of risky configurations that do not correspond to a specific CVE.

To determine which attack surface rule applies to a specific attack surface test, look at the ASR Category field on the Rules > Vulnerability Testing page.

View alerts generated by attack surface test results

Abstract

View alerts that were generated by positive attack surface test results by filtering the Alerts page.

You can view alerts that were generated by positive attack surface test results by filtering the Alerts page. The alert details include information about the specific attack surface test that generated the alert.

  1. Navigate to Incident Response > Alerts.

  2. Click the filter icon, and select the following values from the drop-down menus:

    Attack Surface Rule = Attack Surface Testing

    Optionally, you can also select one or more of the specific attack surface rules nested under Attack Surface Testing in the drop-down menu.

  3. Click on an alert to display the alert details.

  4. Select the About tab and then Alert Details to display details about the attack surface test and test results.