Understanding Scan Results

Once a scan is complete, the results provide essential insights into the vulnerabilities detected, their severity, and suggested remediation steps. Here’s how to understand and make the most of your scan results.

1. Accessing Scan Results

Navigate to Results: From the dashboard, go to Scanning to view all finished scans.

Open Scan Report: Click on the relevant target to open the detailed report. This will bring you to an overview of all vulnerabilities detected in that specific scan.

2. Understanding the Summary Overview

The summary overview provides a high-level snapshot of the scan’s findings, including:

Total Vulnerabilities Found: The number of security issues detected.

Severity Levels: Vulnerabilities are often categorized by severity (High, Medium, or Low) to help prioritize the most critical issues.

Overall Security Score: Indicates the general security health of the target based on the findings.

3. Vulnerability Details

Each detected vulnerability includes detailed information to help you understand its impact and how to fix it.

Vulnerability Type: The specific security risk identified, such as SQL Injection, Cross-Site Scripting (XSS), or Misconfiguration.

Severity Rating: The risk level of the vulnerability, from High (urgent) to Low (no immediate action required).

Description: A brief explanation of the vulnerability, including how it could potentially affect your web application.

Affected URLs or Components: A list of pages, endpoints, or components within the application that are impacted by the vulnerability.

Evidence: Specific details or data showing how the vulnerability was detected, such as error messages, response codes, or payloads used during testing.

4. Recommended Remediation Steps

For each vulnerability, the results include suggested remediation steps. These recommendations provide guidance on fixing the issue, including:

Detailed Fix Suggestions: Steps or code adjustments needed to eliminate the vulnerability.

Security Best Practices: Tips to prevent similar issues from occurring in the future.

External Resources (if applicable): Links to documentation or articles for additional context on fixing and understanding the vulnerability.

5. Exporting and Sharing Reports

Generate Report: If you need a shareable document, use the Export Report option to download the results in formats like PDF.

6. Tracking and Retesting Vulnerabilities

Once issues are remediated, it’s essential to verify that fixes are successful.

Mark as Resolved: Update the status of each vulnerability in the tool to indicate remediation progress.

Run a Retest: Conduct a follow-up scan to confirm that the fixes have effectively resolved the vulnerabilities.
