DAST Essentials scan results
This section explains how to get the most out of the DAST Essentials scan results. DAST Essentials provides three views to give you the most relevant information about your targets.
Target list page
You see the Home page when you log in to the application. It is also called the dashboard, as it gives you the most relevant information on a high level for all your targets.
At the top, the screen shows the number of findings by the criticality of the latest security scan.
DAST Essentials rates the findings according to the Common Vulnerability Scoring System (CVSS) version 3.
Below, you see a list of your targets, including the type of scan and the last scan time.
The status dot on the left side of the row indicates the current state of the scan. You see the current status when you hover the mouse over the dot.
At the bottom of the page, you see the details of the last scan you ran, with the target name at the top. This gives you direct access to the most current vulnerabilities for quick fixing. The findings are sorted by criticality, with the most critical result at the top.
For more details, select a target.
Target overview page
DAST Essentials provides an overview of the history of scans per target and the increased security (meaning fewer vulnerabilities) over time.
You can see a visual representation of the past scans on the top. The bars show the number of findings per scan and the number and date of the scan. In addition, the results are grouped by severity, as indicated by the color scheme directly below the graph. Select the respective bar to jump to the specific scan view.
In the top right, you see the buttons for the general target actions and settings:
- Run Analysis: start a scan manually.
- Configure: change the target settings. These are described in a continuous security testing setup.
- Delete: delete the target. This will also delete the scan history, so ensure you download all documents you will need in the future.
Below the graph, you see a list of all scans, including the status, the type of scan, and the last scan time.
By selecting a scan row or the respective bar in the graph, you will get to the overview over one scan.
Scan details page
The scan details page gives you an overview of the specific scan results.
After a scan has been started, you can see the findings appear in the findings list in real-time.
The top left box gives general information, such as the scanned URL, the type of scan, when it started, how the scan was created, and the duration. You can hover the mouse over the individual items for more information.
The options for the scan start include "Manual," "Scheduler," or "Webhook." For more information on the settings for the scan start, see the continuous security testing setup.
This box also allows you to go quickly to a different scan number for the same target with the buttons at the bottom. Alternatively, you can also enter a specific scan number in the text field.
The top box in the middle is a pie chart visually representing the number of findings grouped by severity.
The top right box shows the maximum CVSS severity.
The top right corner shows the different options for downloading the report for this scan: either in .pdf format or machine-readable J-Unit format.
The bottom box has three tabs. Every tab has a notification bubble that shows the total amount of information displayed.
- Findings: This shows all results of the current scan.
- Scanner Status: Shows all scanners and how they performed.
- Crawled URLs: This shows all URLs that were scanned for vulnerabilities.
Findings tab
The Findings tab shows the title of the vulnerability scanner, detailed information about the found vulnerabilities, and the criticality from left to right. The standard sort is by severity, but you can change that by selecting on the respective column header - for example, if you would like to find all SQL Injection vulnerabilities next to each other.
You can also filter for the scanner title or a specific description content (i.e., "certificate" for SSL certificate vulnerabilities).
To get further information about a vulnerability, select its name. This opens an overlay with an additional description. Then, to get advice on remediation of the exposure, select How to fix this issue?. This takes you to the knowledge base with a detailed explanation of the issue and how to fix it.
Ignored Findings tab
The Ignored Findings tab lists any findings you set as False Positive, Accept Risk, or Won't Fix on the Findings tab.
Scanner Status tab
The Scanner Status tab shows the individual scanner status for this scan and any detailed information if the scanner has not run. In addition, the screenshot shows how all scanners were correctly executed.
Crawled URLs tab
The Crawled URLs tab shows you which pages were detected during crawling and chosen for an additional security scan. DAST Essentials scans all pages to detect interactive elements, such as a GET parameter in the URL or a form sent with a POST request. An icon shows whether there was at least one vulnerability detected on that page for every page.
The next step is to run a full scan. This allows you to test for a broader range of security vulnerabilities.
Alternatively, you can configure the continuous testing settings.