View Findings

The Findings Report provides client administrators with detailed insights into compliance checks performed on organizational resources. It helps administrators monitor security configurations, identify issues, and take corrective actions where required.


Understanding the Findings Report Table

The report is displayed in a table format with the following details:

  • Sr. No – A sequential number assigned to each finding for easy reference.

  • Title – Describes the compliance check performed (e.g., Ensure unused User Access Keys are disabled).

  • Status – Shows the result of the compliance check:

    • Pass – The control meets compliance requirements.

    • Fail – The control does not meet compliance requirements and needs attention.

  • Severity – Indicates the level of risk if the issue is not addressed (Low, Medium, High).

  • Service – Displays the cloud service or system component under review (e.g., IAM).

  • Region – Specifies the geographical region of the assessed resource.

  • Resource – Identifies the exact system, account, or resource related to the finding.


Action Options

Each row in the Findings Report provides an Actions option.

When a client administrator clicks the View Details button (eye icon) from the Findings Report, a detailed view of the selected finding is displayed. This helps the administrator analyze the issue in depth and plan corrective actions.


1. Summary Section

The Summary provides a quick overview of the finding:

  • Status – Compliance result (Pass/Fail).

  • Severity – The level of risk (e.g., Low, Medium, High).

  • Service – The cloud service or resource type under review (e.g., IAM).

  • Resource – Name of the impacted resource.

  • Resource ID – Unique identifier of the resource.

  • Region – Location where the resource resides.

  • Checked At – Date and time when the check was performed.

  • Resource ARN – The Amazon Resource Name providing a unique global identifier.

  • Resource Type – Classification of the resource (e.g., AWS IAM User).


2. Details Section

This section provides a deeper explanation of the finding:

  • Message – Describes the exact issue detected (e.g., User does not have access keys).

  • Description – Explains the compliance requirement (e.g., Ensure unused User Access Keys are disabled).

  • Risk – Highlights the potential impact on security if the issue is not addressed. For example:

    • Unused or unnecessary credentials may become an entry point for attackers.

    • Former employee accounts left active pose compliance and security risks.


3. Remediation Section

This section provides actionable guidance to resolve the finding:

  • Recommendation Date – When the remediation guidance was generated.

  • Resource Type – Identifies the type of resource requiring remediation.

  • Recommendation/Steps – Provides practical steps to resolve the issue. For instance:

    • Disable or delete unused access keys.

    • Rotate credentials and enforce strong password policies.

    • Remove inactive users or resources that are no longer required.


4. Finding History Section

The Finding History tracks previous scan results for the same finding. This helps administrators monitor remediation progress over time.

For each historical record, the following information is displayed:

  • Finding ID – Unique reference number of the finding.

  • Status – Whether the finding was marked Pass or Fail in earlier scans.

  • Scan Name – The specific scan or test during which the finding was generated.

  • Timestamp – Date and time of the previous scan.
