Results
Application Scanning generates detailed findings for each vulnerability it discovers. This page explains how to interpret findings, use proof-of-concept data, and prioritize remediation.
Anatomy of a Finding
Each finding contains the following information:
Vulnerability Title and Type
The finding title identifies the specific vulnerability class (e.g., “Reflected Cross-Site Scripting in search parameter”). The type categorizes the finding within a vulnerability taxonomy for filtering and reporting.
Severity Rating
Findings are assigned a severity based on the potential impact of exploitation:
| Severity | Description |
|---|---|
| Critical | Direct path to data breach, account takeover, or system compromise. Exploitation requires minimal skill and has severe consequences. |
| High | Significant security risk with clear potential for damage. May require specific conditions but impact is substantial. |
| Medium | Moderate risk requiring remediation. Exploitation may require chaining with other issues or specific preconditions. |
| Low | Minor security concern or best-practice deviation. Limited direct impact but should be addressed as part of security hygiene. |
| Information | Configuration observations or informational notes that provide security context without representing exploitable vulnerabilities. |
Proof of Concept
The proof of concept (PoC) is one of the most valuable parts of each finding. It includes:
- The HTTP request that triggered the vulnerability, including the full URL, headers, and body with the injected payload
- The HTTP response showing the exploitation indicator (e.g., reflected payload in the response body, SQL error message, timing difference)
- Highlighted evidence pointing to the specific part of the response that confirms the vulnerability
The PoC allows your development team to reproduce the issue independently and verify their fix.
Affected URL and Parameter
Each finding identifies the exact URL and input parameter where the vulnerability was detected. This pinpoints where in your application the fix needs to be applied.
Description
A detailed explanation of the vulnerability, including:
- What the vulnerability is and why it is dangerous
- How an attacker could exploit it
- The potential impact of successful exploitation
- References to relevant standards (CWE, OWASP)
Remediation Guidance
Specific steps to fix the vulnerability, tailored to the finding type. Remediation guidance typically includes:
- The recommended fix (e.g., parameterized queries for SQLi, output encoding for XSS)
- Code-level guidance where applicable
- Configuration changes if the issue is at the infrastructure level
- Links to external resources for additional context
Finding Lifecycle
Findings progress through statuses as you address them:
- New — The vulnerability was detected for the first time in the latest scan
- Active — The vulnerability has been detected in multiple scans and has not been fixed
- Fixed — The vulnerability was not detected in the most recent scan after previously being present
- Regression — A previously fixed vulnerability has been detected again
Automatic Status Transitions
- New to Active: Happens automatically if the vulnerability persists across scans
- Active to Fixed: Happens automatically when the scanner no longer detects the vulnerability
- Fixed to Regression: Happens automatically if the vulnerability reappears after being marked as fixed
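The lifecycle above is a small state machine driven only by whether the scanner detected the vulnerability in each scan. The following is an added illustration, not Detectify's own code, that replays a sequence of scan outcomes for one finding and derives the status after each scan; the Finding fields (url, parameter, vuln_type) and the constructed sample input are assumptions, as is the behaviour after Regression, which this page does not define.

```python
"""Replay scan outcomes for one finding and derive its lifecycle status.

Documented automatic transitions: New -> Active (still detected),
Active -> Fixed (no longer detected), Fixed -> Regression (reappears).
"""
from dataclasses import dataclass, field
from typing import List, Optional

NEW, ACTIVE, FIXED, REGRESSION = "New", "Active", "Fixed", "Regression"


@dataclass
class Finding:
    """One vulnerability, keyed by affected URL, parameter and type."""
    url: str
    parameter: str
    vuln_type: str
    status: Optional[str] = None          # None until first detected
    history: List[str] = field(default_factory=list)

    def record_scan(self, detected: bool) -> str:
        """Apply one scan result and return the resulting status."""
        if self.status is None:
            # A finding only comes into existence when first detected.
            if not detected:
                raise ValueError("a finding must be detected before it has a status")
            self.status = NEW
        elif self.status in (NEW, ACTIVE):
            # Persisting across scans makes it Active; disappearing makes it
            # Fixed ("not detected in the most recent scan after being present").
            self.status = ACTIVE if detected else FIXED
        elif self.status == FIXED:
            self.status = REGRESSION if detected else FIXED
        else:  # REGRESSION
            # Assumption: the page defines no transition out of Regression.
            # Treated here like Active: stays while detected, Fixed once gone.
            self.status = REGRESSION if detected else FIXED
        self.history.append(self.status)
        return self.status


def replay(url: str, parameter: str, vuln_type: str, scans: List[bool]) -> List[str]:
    """Return the status after each scan, in order, for one finding."""
    finding = Finding(url, parameter, vuln_type)
    return [finding.record_scan(hit) for hit in scans]


def ever_regressed(findings: List[Finding]) -> List[Finding]:
    """Findings that regressed at least once; a signal worth a process review."""
    return [f for f in findings if REGRESSION in f.history]


if __name__ == "__main__":
    # Constructed sample: detected, detected, gone, back, gone.
    print(replay("https://app.example.test/search", "q", "Reflected XSS",
                 [True, True, False, True, False]))
```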
Prioritizing Remediation
When reviewing findings, consider the following prioritization approach:
- Critical severity findings: Address immediately. These represent the highest risk to your application and data.
- High severity in authenticated areas: Vulnerabilities in authenticated sections often have access to sensitive data, increasing impact.
- Findings with easy exploitation: PoCs that demonstrate simple, reliable exploitation indicate lower attacker skill requirements.
- Regressions: Previously fixed issues that reappear may indicate systemic problems in your development process.
Sharing and Exporting Findings
- Team sharing: Findings can be viewed by all team members with access to your Detectify account
- Integration routing: Findings can be automatically sent to Jira, Slack, Teams, and other integrations
- Export: Download findings in CSV format or access them programmatically via the API
- Finding detail links: Each finding has a unique URL that can be shared with developers for review
Next Steps
- Coverage — Understand what vulnerabilities the scanner detects
- Troubleshooting — Resolve issues with scan results
- Scan Profiles — Refine your scan configuration based on results