You can manually create a Finding for any Pentest.
- Go to Pentests in the left-hand menu
- Click on the relevant Pentest
- Move to the Findings Menu in the Pentest Dashboard
- Click “+ New Finding”
- Choose Vulnerability or Observation
- Set the Finding Code
- Name the Finding
- Assign a Status (Draft is Default)
- Assign Assets from the system
- Add a Description
- Add a Link
- Rate CWE and CVE
- Set Criticality and Risk Information
- Write out Background Information. Description support Markdown
- Write out Recommendations
- Link the Finding to Tasks and Control Groups
- Add Instances
- Click Save
The Finding will not be visible to the Client until you change the Status to “Pending Fix”
*Your Pentest Report Template may exclude some Types of Findings. For example, you may chose to exclude “observations” from a Report. However, you can still push them as Findings to the client.