Report Token: Finding_Details – Cyver Support

This guide explains how to customize the display of finding details in reports using a query string-like syntax.

Basic Structure

The token uses URL-style parameters separated by & characters. For example:

{Finding_Details?header_table.title=Summary&group.1.fields=description,impact}

Configuration Sections

1. Header Table (Optional)

Display key information at the top of each finding:

header_table.title=Summary Table&
header_table.fields=severity,status,cvss&
header_table.cols=2&
header_table.show_finding_title=true&

2. Tables

Add tables anywhere in your finding layout:

table.1.title=Summary&
table.1.fields=severity,status&
table.1.cols=2&

3. Groups

Organize fields into logical groups:

group.1.title=Overview&
group.1.fields=description,impact&

group.2.title=Technical Details&
group.2.fields=cvss,assets&
group.2.hide_field_titles=true&

You can hide the titles for each field using the hide_field_titles property.

4. Display Settings

Title Settings

setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&

Layout Settings

Choose between table or headings layout:

setting.layout=table&
setting.evidences.layout=table&

setting.layout=headings&
setting.evidences.layout=headings&

Evidence Display

setting.evidence_table.format=All&
setting.evidence_table.title=Evidence Details&

Asset Display

setting.assets.format=list1&

5. Filtering and Sorting (Optional)

Filter findings by various criteria:

setting.filter.type=Vulnerability&
setting.filter.status=ReadyRetest,PendingFix&
setting.filter.severity=Critical,High&
setting.filter.labels=Security,PCI-DSS&

setting.sort.field=severity&
setting.sort.direction=Descending&

Filter and sort is optional. As default, the sort will be Criticality, then CVSS. then Code.

At the moment, the sort option only supports one field.

Important Note About Numbering

When using tables and groups, the numbers after table. and group. determine the overall order of appearance. These numbers should be distinct across both tables and groups. For example:

header_table... (always appears first)
group.1... (appears second)
table.2... (appears third)
group.3... (appears fourth)

Available Fields

Basic Information

name - Finding name
description - Finding description
code - Finding identifier
severity - Finding severity level
status - Current status
type - Finding type

Technical Details

cvss - CVSS score and vector
cvss_score - CVSS score only
cvss_vector - CVSS vector only
cwes - Associated CWEs
cves - Associated CVEs
exploits - Known exploits
vulnerability_types - Types of vulnerabilities

Impact and Analysis

impact - Impact assessment
likelihood - Likelihood assessment
background_information - Background context
remediation - Remediation recommendations

Assets and Evidence

assets - Affected assets
evidences - Finding instances/evidence
evidence_table - Evidence in table format
external_url - External references
pci_evidence_table - PCI oriented style

Compliance

compliance_status - Compliance status
compliance_comment - Compliance details
compliance - Compliance controls

Other

labels - Finding labels
occurrence - New or Reoccurrence status
reoccurrence - Link to original finding
reoccurrences - List of related findings

Custom fields

Any custom field can be used as well. Just make sure you use the code of the custom field, and not the name.

Important Notes

Use & to separate multiple parameters
Field names are case-sensitive
Multiple fields should be separated by commas
Values for filter settings (type, status, severity) must match the exact enum values

Enum Values

Evidence table Format

VisibleInstances - Only the evidences marked as visible on report in finding details
All - Show all evidence
AllMergedOnPortProtocol - Merge by port/protocol

Asset Format

List1 - Single column list
List2 - Two column list
Table - Tabular format

Sort Direction

Ascending
Descending

Finding Severity

Info
Low
Medium
High
Critical

Finding Status

Draft
ToReview
Reviewed
PendingFix
ReadyRetest
Accepted
Mitigated
PartialFix
FalsePositive
Raised
ReOpen

Complete Examples

Here's a complete example combining multiple settings:

{Finding_Details?
group.1.fields=description,assets,occurrence,status,evidence_table&
group.2.title=Classification&
group.2.fields=severity,impact,likelihood,cvss,vulnerability_types,cwes,cves,exploits,labels&
group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&
group.4.title=Compliance&
group.4.fields=compliance,compliance_status,compliance_comment&
setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=headings&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list2&
setting.filter.type=Vulnerability&
setting.filter.status=PendingFix,Fixed,test&
setting.sort=status&
}

V1 equivalent

{Finding_Details?

group.1.fields=description&
group.1.hide_field_titles=true&

group.2.title=&
group.2.fields=assets,occurrence&

group.3.title=Classification&
group.3.fields=severity,impact,likelihood,vulnerability_types,cwes,cves,exploits&

group.4.title=Recommendations&
group.4.fields=background_information,remediation,external_url&

group.5.title=Compliance&
group.5.fields=compliance,compliance_status&

group.6.title=Evidences&
group.6.fields=evidence_table,evidences&

setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=headings&
setting.evidences.layout=headings&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list1
}

V2 equivalent

{Finding_Details?

group.1.fields=description&

group.2.title=&
group.2.fields=assets,occurrence&

group.3.title=Classification&
group.3.fields=severity,impact,likelihood,vulnerability_types,cwes,cves,exploits&

group.4.title=Recommendations&
group.4.fields=background_information,remediation,external_url&

group.5.title=Compliance&
group.5.fields=compliance,compliance_status&

group.6.title=Evidences&
group.6.fields=evidence_table,evidences&

setting.title.html_tag=div&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=table&
setting.evidences.layout=table&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list1
}

V3 equivalent

{Finding_Details?

header_table.title=&
header_table.fields=severity,cvss,impact,likelihood&
header_table.cols=2&
header_table.show_finding_title=true&

group.1.fields=assets,description,occurrence&

group.2.title=Classification&
group.2.fields=impact,likelihood,vulnerability_types,cwes,cves,exploits&

group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&

group.4.title=Compliance&
group.4.fields=compliance,compliance_status&

group.5.title=Evidences&
group.5.fields=evidence_table,evidences&

setting.title.html_tag=h1&
setting.title.display_severity=false&
setting.title.show=false&

setting.layout=headings&
setting.evidences.layout=headings&
setting.evidence_table.title=&
setting.evidence_table.format=all&

setting.assets.format=list1
}

PCICompliance equivalent

{Finding_Details?

header_table.title=&
header_table.fields=severity,cvss,impact,likelihood&
header_table.cols=2&
header_table.show_finding_title=true&

group.1.fields=assets,description,occurrence&

group.2.title=Classification&
group.2.fields=impact,likelihood,vulnerability_types,cwes,cves,exploits&

group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&

group.4.title=Compliance&
group.4.fields=compliance,compliance_status,pci_evidence_table&

group.5.title=Evidences&
group.5.fields=evidence_table,evidences&

setting.title.html_tag=h1&
setting.title.display_severity=false&
setting.title.show=true&

setting.layout=headings&
setting.evidences.layout=headings&
setting.evidence_table.title=&
setting.evidence_table.format=all&

setting.assets.format=list1

}