Help Center
Release Notes
Indusface
Help Center
Release Notes
Indusface
AppTrana
Indusface WAS
Onboard into Indusface WASSAML Integration with Azure for Single Sign-On
Summary
Dashboard
Malware Monitoring
Application Audit
Vulnerability Assessment
Vulnerability Assessment
API Security Audit
Asset Monitoring
Reports
Vulnerabilities
Settings
Additional Resources
Zero-Day Vulnerability Reports
Security Bulletins
Vulnerability data
Vulnerabilities 2024
Other Vulnerabilities
AppTrana API Integration
Indusface Partner APIsUpdate Origin Server Address through API Call

Vulnerability Assessment

This tab displays various reports of Vulnerability Assessment scans from Top Threats Identified During Last Scan to Threats Identified During Last 5 Days in the form of various graphs.

List of IP Address registered with Vulnerability Assessment is displayed with Scan Status. This widget is displayed for All Sites only.

 

Scan Status

 

Click Scan Status button to view the scans and services that are active or inactive. Scan Status pop-up appears.

The Scanned Websites with Vulnerabilities FoundStatus of the scan and Action column is displayed.

ParameterDescription
URLThe URL of the scanned websites is displayed in this column.
Vulnerability Found

The count of the vulnerabilities found from an application is displayed in this column.

Click Download CSV link to display the data in the respective format.

StatusThis column displays if a scan service is Inactive or In progress.
ActionThis column displays Start button for active services and Pause and Stop button for in progress scans.

Web Applications

 

By default, scan details of All Sites is displayed for VA page. There are 2 other options i.e., In Site(s) and In Group(s).

 

In Group(s)

Click Web Applications drop-down and click In Group(s) option to display the existing groups subscribed with VA scans. Select Group drop-down appears.

Click Select Group drop-down, click to select a specific group. VA page of the selected group is displayed.

If the selected group is not subscribed for Vulnerability Assessment service, Dashboard page appears.

[OR]

List of IP Address in the group and various other VA scan reports of the selected group are displayed.

 

List of URLs 

 

  • This widget displays the Website URLs registered for Vulnerability Assessment scan and their Scan Status.
  • Scan Status is displayed  , if your Vulnerability Assessment[VA] has passed last Indusface WAS Security Scan. It does not have any critical alert.
  • Scan Status is displayed  , if Indusface WAS security scan is running or not yet started your VA service.
  • Scan Status is displayed  , if there is one or more critical alert found in last VA scan.

 

In Site(s)

 

  • This option helps a user to display a specific site from the websites registered with VA scans.
  • Click Web Applications drop-down, click In Site(s) option. Select Asset option displays.

Click Select Asset drop-down, click to select any one of the existing assets. The VA scan details of the selected assets are displayed.

The VA scan details of a specific asset with general information of an asset are displayed. Customer Asset ID is displayed if created otherwise N/A(nil) is displayed.

 

Customer Asset ID

 

Click edit customer asset ID option to create or update a short name for an Asset. Edit Customer Asset ID pop-up appears.

Click Customer Asset ID box, enter an unique ID and click Submit button. The updated ID is displayed.

 

General Info

 

This displays the basic information of a website or the selected Asset like IP Address, Last Scan, Remaining POC etc.

 

Open Services Found in Last Scan

 

The ports that are open during the last scan on the scanned IP address are displayed in this option. Open service details like Protocol, Port, Service Name, and Product Name are displayed.

 

Scan Summary

 

  • This option displays the scan details like Scan Date, Vulnerability Type, Total Vulnerabilities, and Seal Status.
  • Click PDF or Excel icon in Downloads option to download the report of a specific scan.

 

Threats Identified During Last Scan

 

  • This widget displays the threats found in last scan as CriticalHighMedium, and Low according to severity in the form of a pie chart.
  • Click  to download the report in CSV format.

 

Open Status Identified During Last Successful Scan

 

  • Three kinds of open statuses are available with a unique colour i.e., Re-openOpen, and New.
  • The number of vulnerabilities found in a specific status is displayed in the pie-chart. Mouse over a specific status in the pie chart to view the percentage.

 

Aging Summary

 

This option displays the vulnerabilities open for last 30 (or) 90 (or) 180 days. An application is vulnerable even after re-validation cycle.

ParameterDescription
LabelThis option displays the number of days a vulnerability is open for ageing summary.
CriticalThis option displays the number of critical vulnerabilities open for the respective days.
HighThis option displays the number of high vulnerabilities open for the respective days.
MediumThis option displays the number of medium vulnerabilities open for the respective days.

Click the number in respective vulnerability category (i.e., critical, high or medium) to view the further details. Vulnerability Assessment Details pop-up appears.

The Unique Alert ID, URL, Title of the vulnerability, and Severity of the open vulnerabilities is displayed. The general Description and Solution is displayed on the side.

Click Show More button of a specific open vulnerability to view further details like IP address, references, etc.

Was this helpful?

Powered by Product Fruits