
Reviewing Scan Results

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

After a scan is completed, you can view both a Scan Summary and a Technical Report of the scan's findings, which display information about the number, severity, and types of vulnerabilities detected, their potential impact, and where they exist on the site.

For further information, see Integrating Invicti Enterprise With an Issue Tracking System and Vulnerability Severity Levels.

Vulnerability Families

Vulnerability Families is a feature that enables Invicti Enterprise to avoid reporting similar vulnerabilities in the same URL. Similar vulnerabilities are arranged into groups called 'families', in which vulnerabilities are prioritized based on their exploitability. (Previously, for example, Error-based, Blind and Boolean-based SQL injections in the same URL would have been counted as separate occurrences and therefore reported as separate vulnerabilities.)

If an endpoint is vulnerable to several similar versions of the same vulnerability, only the most relevant and easiest-to-exploit one is reported. This makes scan reports simpler, more accurate and more relevant.
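The grouping described above can be sketched as follows. This is an added example, not Invicti code: the family table, the exploitability ordering inside it, the URL normalization and the finding fields (`url`, `type`) are all assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit, urlunsplit

# Assumed family table: family name -> variants, most exploitable first.
# The ordering is an assumption for this sketch, not Invicti's own ranking.
FAMILIES = {
    "SQL Injection": ["Error-based SQL Injection",
                      "Boolean-based SQL Injection",
                      "Blind SQL Injection"],
}
RANK = {variant: (family, pos)
        for family, variants in FAMILIES.items()
        for pos, variant in enumerate(variants)}

def normalize_url(url):
    """Lower-case scheme and host and drop the fragment so one endpoint maps to one key."""
    p = urlsplit(url)
    return urlunsplit((p.scheme.lower(), p.netloc.lower(), p.path or "/", p.query, ""))

def collapse_families(findings):
    """Return one finding per (URL, family); displaced variants are kept under 'suppressed'."""
    groups = defaultdict(list)
    for f in findings:
        # A type that belongs to no family forms its own single-member family.
        family, pos = RANK.get(f["type"], (f["type"], 0))
        groups[(normalize_url(f["url"]), family)].append((pos, f))
    report = []
    for (url, family), members in groups.items():
        members.sort(key=lambda m: m[0])  # lowest position = most exploitable
        _, best = members[0]
        report.append({"url": url, "family": family, "type": best["type"],
                       "suppressed": [m["type"] for _, m in members[1:]]})
    return report

# Constructed sample findings (not real scanner output).
SAMPLE = [
    {"url": "https://shop.example/item?id=1", "type": "Blind SQL Injection"},
    {"url": "https://SHOP.example/item?id=1", "type": "Error-based SQL Injection"},
    {"url": "https://shop.example/item?id=1", "type": "Boolean-based SQL Injection"},
    {"url": "https://shop.example/item?id=1", "type": "Cross-site Scripting"},
    {"url": "https://shop.example/search?q=a", "type": "Blind SQL Injection"},
]

if __name__ == "__main__":
    for row in collapse_families(SAMPLE):
        print(row)
```

Keeping the displaced variants in a `suppressed` field preserves an audit trail, so a reviewer can still see every detection that contributed to the single reported issue.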

How to review scan results and imported vulnerabilities

If the vulnerability has already been automatically created in your issue tracking system (because it meets the criteria configured in Configuring Endpoint Integration), the issue number will be displayed. The grouping of each vulnerability into a family is an automatic process and does not impact your review of scan results.

Once you have configured the integration, a new Send To button is added to every reported vulnerability listed in the scan results. This enables you to send the vulnerability to any of the integrated projects.

You can view the details saved in your issue tracking system by clicking on the issue number.

How to open the Scan report page

  1. Select Scans > Recent Scans from the left-side menu.
  2. Select a recent scan and click on the Report button on the far right.

  3. The report opens and is divided into two sections:

Scan Summary and the Technical Report

While the scan summary presents a general overview of the scan, the Technical Report provides detailed information about the scan. They display information about the number, severity, and types of vulnerabilities detected, the impact they could have, and where they exist on the site.

The scan summary also allows you to rescan the website, download the scan data, and export the scan report.  

How to review scan results and imported vulnerabilities

To learn more about reviewing scan results and imported vulnerabilities, refer to our Sending vulnerabilities manually to an issue-tracking system documentation.