Skip to main content

Scan detail page

Everything you need, all in one convenient place

Written by Joe Haigh

Overview

A scan's detail page includes the scan name (which will default to One-off scan if one isn't given), number of targets scanned, checks run, issues found, scan start date (and time), the duration, any advanced settings that were enabled, issues, targets, and scanned URLs:

ℹ️ Note: The advanced settings mentioned above are only available on Pro, Enterprise, and Vanguard plans.

Issues tab

This will show you new and existing issues for the targets included in the scan, including unresponsive or unlicensed targets and authentication issues:

Clicking on an issue will show its severity, exploit likelihood, CVEs, an overview, and a list of occurrences:

Targets tab

Here, you'll see a list of all targets included in the scan, a coloured dot (to indicate the target's status), and a count of the issues found (colour-coded by severity).

Using the drop-downs, you can filter the list by target, tag, or issue severity, and by clicking on one of the three boxes, you can filter by target status.

Scanned URLs tab

Here, you can view the list of all pages covered by the application license – very helpful when trying to determine the coverage of an application scan:

ℹ️ Note: The scanner automatically probes common files like favicon.ico, robots.txt, and sitemap.xml during authenticated scans, as these files can inadvertently reveal hidden paths, sensitive metadata, and a detailed map of your application's structure and technology stack to an attacker. If you are scanning an API, you'll see these URLs in a separate "Scanned URLs" section as shown below:

If you notice a warning at the top of the Scan Detail Page showing that the scan may not have provided full coverage, this means that one or more of the authentications have not been verified:

To verify these authentications, click on the Target from the Targets page, select the three dots, and choose the 'Check status' option. This will allow you to ensure the authentication is working as you'd expect and remove this notification from your next scan.

How do I access a scan's detail page?

There are numerous ways:

1. Via the Scans page > click on the specific scan

2. From the activity feed

3. From a Teams / Slack notification

4. A link in the scan complete email

How can I see my scan's progress?

Open a scan from the Scans page, activity feed, Teams / Slack notification, or a link in a scan complete email:

Will issues appear while the scan is running?

Yes, however, please note that results are not finalized until the scan has completed:

Can I download a report from a scan's detail page?

Yes, absolutely. Just click the yellow button at the top of the page and select your preferred file type.

Related Articles
Emerging Threat Scans explained
Quick guide to authenticated web-app scanning
New service scan
Target's detail page
Targets overview page
Did this answer your question?