PAC Application Security Findings

All the results of pentesting will show up on the Application Security Findings page. To access the page, click on the App Findings on the left menu.

  • User can filter the App finding results by cloud provider, compliance standards and application type.

  • User can also see the results of a perticular application run on specific date and time.

../img/pac/app_findings/app_findings.png

  • Click on any finding result to view the detailed information of the particular finding.

  • User can see the description and solutions of the risk. Also it contains the list of paths from where the alter is raised.

  • Click on a particular path to view the request and response body were used to access those paths.

../img/pac/app_findings/app_findings_detail.png

  • Click on Validate button to generate curl request to validate that risk again.

../img/pac/app_findings/validate_risk.png

  • User can mark the risk as Assigned, False Positive or Risk Accepted.

../img/pac/app_findings/risk_action.jpg