Note
You must have a role that includes view or edit permission for Vulnerability Testing to see attack surface test results. To check your role-based permissions go to Components tab, and find Vulnerability Testing under →
→ → → , select the role. Select theAttack surface test results are displayed on the Services page in the Inventory. The following fields in the Services table enable you to search for specific vulnerabilities.
Confirmed Vulnerabilities—This field lists the CVE IDs (or other vulnerability IDs) of the vulnerabilities that have been confirmed present on the service. You can search this field for a specific CVE ID to find all the services that have a confirmed vulnerability with that ID.
Confirmed Not Vulnerable—This field lists CVE IDs (or other vulnerability IDs) of the vulnerabilities that have been confirmed to be not present on the service. You can search this field for a specific CVE ID to find all the services that have are confirmed not vulnerable for that vulnerability.
Vulnerability Test Result—The value Confirmed Vulnerable indicates there is at least one confirmed vulnerability on the service. You can filter on this field to find all services with at least one confirmed vulnerability.
Navigate to
→Filter the Services table to find the services with a specific confirmed vulnerability.
Click on the filter icon at the top of the Confirmed Vulnerability ID column, and enter the vulnerability ID in the dialog box.
Click anywhere outside the dialog box to filter.
The list of services that are confirmed to have that vulnerability will display.
Click on a row in the table to display the details panel for that service.
On the service details panel, you can review the list of tests run, test dates, whether each test produced a confirmed vulnerable or confirmed not vulnerable result, evidence, and remediation guidance.
Click the arrow to the left of each test result to display the 14-day test history and the evidence payload returned by the service.