How to access all findings for your pentest
From your pentest landing page go to the "Findings" section
Within the "Findings" tab, there are four states:
- Awaiting - These are all potential vulnerabilities that the pentesters have posted.
- Pending Fix - The Pentester Lead will go through each "Awaiting" finding and triage them. If determined valid, the Lead will assign the finding a criticality based on likelihood of occurence and business impact and mark it as "Pending Fix".
- Re-test - Once you've deployed a fix for a finding and would like it verified, you can mark it as "Ready for Re-test". This will change the state of finding to "Re-test" and alert the pentester who reported the finding.
- Resolved- The Pentester or Lead will mark a finding as "Resolved" if it has been successfully remediated. Another way to change a finding to a "Resolved" state is to mark it as an "Accepted Risk."