Host Finding Detail

Summary: Overview of the helpful information that appears in Host Finding Detail

  • Scanner: The scanner that discovered the finding.

  • ID: Finding ID Number

  • Title: Finding title.

  • Description: Detailed information on the finding, what it is, where it comes from, and why it is a vulnerability.

  • Status: Reviews information on the finding such as "Discovered On" "Last Found On" "Resolved On" "Current State" and the time duration since the finding had been found.

  • History( ): The finding’s timeline—when it was added, updated, etc.

  • Technology:  Only in relation to policy scanning. Must be done via Qualys to display. This will display the type of policy scan that was conducted.

  • Group Details/Groups: The group in Ivanti Neurons the finding is assigned to.

  • Assignment Information:

  • Host: The asset the Finding is on and its IP address.

  • Asset Criticality Rating (1-5, with 5 being most severe) and if it is an external/internal host.

  • Network: The Network name where the finding is located and its type (IP, HOSTNAME, or MIXED).

  • Services: Most Recent ports or services recently identified

  • Workflow Attachments: Any file attachments that have been associated with the finding.

  • Observations: Assessments this finding has appeared on.

  • Vulnerabilities: Information on vulnerabilities associated with the finding that provides details, CVE information, and risk rating.

  • Manual Finding Reports: Links and information pertaining to a Manual Finding (resulting from an Ivanti Neurons Attack Surface Validation).

  • Links to the CVE database, MITRE database, and Google for more vulnerability data.

  • Threats: Information on exploits, malware, or Trojans associated with this. Having any or all these issues drastically increases the finding’s threat level.

  • Finding Footprint: This section allows users to easily denote this finding and then also quickly show the other hosts with similar findings. The top 10 is displayed. This section also has a search bar so that Hostnames can be entered (or partially entered) then searched quickly for instances of the finding in and beyond the top 10 displayed list.
    - Under the search bar, the user can also click to filter the vulnerabilities seen on the page by the findings in the footprint and by Scanner Plugin.

  • Possible Solution: Ivanti Neurons-provided suggestions (where available) on how to remediate the issue.

  • Possible Patches: Information (where available) on how to patch the issues. These will (when possible) be linked to give easy access to find the patch location.

  • Finding Tags: Any tags assigned to this finding.

  • Asset Tags: Any Host/Asset tags related to the Host the Finding is a part of

  • Tickets: Any ServiceNow tickets the finding has been assigned to

  • Notes: Any notes written by Ivanti Neurons users on the finding.

  • Output: When the scanner runs the plugin, this is the response back that helps determine the best solution for the finding.