Findings Admin


The Findings Admin screen allows you to customize the fields available in the Findings Library. Don’t need to capture Validation Steps or track a Remediation Log? Simply visit the Findings Admin utility and hide these fields. Want to rename the References field to External Links? No problem. Add/Remove environments and categories. You can even change the color of your Risk Levels!


Elect to show or hide various fields such as CVSS or DREAD. If your organization doesn't use a particular field, simply remove it from your user interface.

Hiding fields from the user interface does not remove data from the database. Any previously entered values in Engagement Findings or Findings Library entries will not be lost, only hidden.

Brief Fields

Several fields in the Findings System have a Brief variant. These are meant to be short descriptive versions of the full language field. For example, "Description - Brief" summarizes the Finding's "Description" in one or two sentences. These brief fields are useful for short executive summaries where the longer version is not needed.

Not all organizations take advantage of these brief fields, therefor they are broken out in the Fields list and can be hidden from your Findings Systems while keeping the full language field.

Rename Fields

Use the Rename functionality to customize the names of certain fields. Renaming a field affects your Findings Library interface and all Engagement's Findings. This does not affect generated reports since those details are customizable by uploading a new Report Template.

Renaming brief fields affects both the brief version of the field and the full language field.


These lists are the available drop down values when creating a Finding during an Engagement.

Modifying these lists does not affect previously created Engagement Findings or Findings Library entries. This only affects the list shown while creating new entries.


Define the environments you operate in, such as Web, Internal, External, etc.


The format for Categories is:

Environment - Category

Environment is optional and limits the Category to the Environment. If no Environment is specified, the Category will appear in all Environments.

Risk Levels

The format for Risk Levels is:

Risk Level - Color

Color is optional and can be a named color (red, green, blue) or an RGB color code (#ff000, #00ff00, #0000ff).


The DREAD values are pre-populated with standard DREAD values. You can modify these lists if your organization uses a custom DREAD scoring system.

Tier Availability

Findings Admin is available on Hobby Tier and Pro Tier.

Last updated