Consulting Scan Results

How to consult scan results after the scans have successfully launched and completed.

After the scans have successfully launched and completed, the scan results and report details can be viewed in multiple ways: by clicking on a specific vulnerability in the "Current Vulnerabilities" panel of the dashboard, by clicking on a vulnerability from the Vulnerabilities view, or by navigating to the Websites and Servers view and using the link given in the "Last report" column.

In the Websites or Servers view, certain icons might be visible right after the last report date to indicate important information related to the most recent scan.

If Delve detected one or more Web Application Firewalls (WAFs) during its web scan, a small shield icon will be displayed with a tooltip indicating which WAF was detected. It is important to note that WAFs can affect the quality of web application vulnerability detection, since their primary role is to block these types of attempts (while leaving the application's code potentially vulnerable). Scan results may vary and be of lesser quality for assets protected by WAFs.

 

The link in the "Last report" column points to the last successful scan.

If a scan terminates with an error (because the asset was unreachable, sudden loss of connectivity, etc.), a warning icon will be displayed to inform the user of this type of failure.

 

The scan report page contains details of the scan itself and all the vulnerabilities that were found during that specific scan.

It also contains security information relevant to the specific asset that was detected during the scan.

A PDF version of the report, including all the vulnerability details, can be produced by clicking on the printer icon in the top right corner of the leftmost panel. See Extracting reports for more information.

Vulnerabilities are sorted according to their severity level in four pre-set categories:

  • Critical Vulnerabilities are the ones that are the most likely to be exploited and that require immediate attention and mitigation.
  • Medium Vulnerabilities are potentially exploitable and require further analysis to ensure they are addressed in a timely manner.
  • Warnings are meant to indicate areas where the security could be reinforced to help mitigate further potential vulnerabilities over time.
  • Additional information gathered covers what else Delve was able to gather while scanning that may be useful for a better understanding of the environment's complete security posture.

 

Vulnerabilities vary greatly for every asset, so expect differences between web applications and server scans; however, their presentation follows the same pattern.

When opening one of the vulnerability boxes, you will be presented with the details of the vulnerability.

For instance, in the case of a web vulnerability (when applicable), the Method, Location, Parameter and Payload that allowed this vulnerability to be found will be provided.

 

In the case of system vulnerabilities (when applicable), a CVE number could be provided with technical details on the vulnerability itself.

 

For most vulnerabilities, a description, remedy and references will also be provided, allowing you to obtain more details about the vulnerability using standardized & online documentation.

In addition to the vulnerabilities that were found, sections with additional information will be presented in this report detail view.

The port list of a system that was scanned may also be shown below the vulnerabilities, along with the official Internet Assigned Numbers Authority (IANA) service name and description.

If the service's presence was validated, it will be displayed in darker text. If a banner was grabbed during service validation, it is made available through a link on the right of the service name.

 

 


A list of the software that was detected may also be provided in the same view for systems and websites.

For website scans, an exclusion list containing the other domains that were found while crawling the website is also provided, allowing you to quickly add them to Delve.

 
