Views:

View and download reports generated from scans, and view troubleshooting information such as authentication or network problems.

Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Note
Note
This feature is not available in all regions.
In Scan Reports, you can view a list of your most recent network scan reports. Scan reports contain the results of the scan, including any discovered assets, vulnerable assets, and detected CVEs. Currently, only the most recent report for a scan is retained. To save earlier reports, download the reports before the next scan time.
The following table details actions you can take in Scan reports.
Action
Details
View scan status
The icon next to the scan ID indicates whether the scan is complete (successful=d385863c-ae1f-4a76-8500-6d60d7a2de8f.png), in progress (inProgress=763d5319-3680-4b10-abca-a75782d8eb48.png), or failed (unsuccessful=e4c3ece6-3776-45dc-b99a-67195d7d21e0.png). Scans that are in progress cannot be triggered. For failed scans, verify the following:
  • Network status
  • Service Gateway status
  • Network Vulnerability Scanner service status
  • Scan configuration
View report details
Drill down from a scan ID to view:
  • A snapshot of the scan configuration, which includes:
    • Scan name
    • Scan description
    • Service Gateway used for the scan
    • Ports scanned
    • Type of authentication credentials used
  • A summary of the scan results, which includes:
    • Number of target IPs
    • Number of excluded IPs
    • Number of assets discovered during the discovery or external attack surface scan
    • Number of assets assessed during the vulnerability scan
    • Number of assets found to have vulnerabilities
    • Number of CVEs detected
    • Number of errors encountered during the scan indicating assets that could not be scanned
View scan errors
Click the number displayed under Scan errors to view access issues encountered during the scan.
  • Access error: Indicates a required field such as a port could not be accessed or there was no SNMP response. Verify the configured scan ports and ensure SNMP is enabled on the target device. If the problem persists, contact support.
  • Authentication error: Indicates the device at the target IP could not be accessed using the provided authentication credentials. Verify your authentication credentials in the scan configuration. If you need to use a different set of credentials, create a new scan.
  • Unsupported device or device version: Indicates the device at the target IP is not currently supported for network vulnerability scans. Only devices running a supported operating system are currently supported for network vulnerability scans. Authentication credentials must be for an account with the required privileges for scanning. To view supported devices, operating systems, and privilege requirements, see Network Vulnerability Scanner supported products. Click Request additional device or device version support to provide feedback on further device or version support you would like to see. If the product is supported, check your authentication credentials. If the problem persists, contact support.
  • No device detected: Indicates no devices were detected at the target IP.
  • No open SSH port detected: Indicates SSH login access failed. Ensure your SSH port (default port 22) is open. If the problem persists, contact support.
  • Scan timed out: Indicates the target took too long to scan. Try running the scan again. If the problem persists, contact support.
  • Credential profile not configured: Indicates the Credential Vault credential profile originally configured in the scan has been removed. Reconfigure the scan authentication credentials to enable the scan.
  • Credential access error: The configured Credential Vault credential profile could not be accessed because the encryption key used by the scanner has expired. Try running the scan again. If the problem persists, contact support.
Important
Important
Only the first 100 scan errors are displayed. Download the scan report to view the access status of all scan targets.
Download scan report
Note
Note
You must have the Export data permission for Cyber Risk Exposure Management to download scan reports.
Click the download icon (download_icon=5c7476c2-cf15-4572-b7cd-5fc67a57d22f.png) to download a zip file containing the report files for the specified scan. Report files for each scan type include:
  • Discovery scan: Discovery_results.csv
    • Contains information such as IP addresses, FQDNs, hostnames, asset operating systems, open ports, and TLS certificates
  • Vulnerability scan: Discovery_results.csv and Detected_CVE_VulnerabilityList.csv
    • Detected_CVE_VulnerabilityList.csv contains CVE IDs, hostnames, IP addresses, affected products, affected product versions, mitigation options, and security advisory links
  • External attack surface scan: InternetFacingAssetScan_results.csv
    • Contains information such as IP addresses, FQDNs, hostnames, asset operating systems, open ports, and TLS certificates
Manually refresh scan reports
Click the refresh icon (refresh=5bd75452-c2fb-43ed-90e6-7b552fdc5dd2.png) to manually refresh the status of displayed reports. Statuses automatically refresh after the scan completes.
View scan results in Threat and Exposure Management
Click View scan reports in Threat and Exposure Management to view affected assets and detected vulnerabilities found by Network Vulnerability Scanner along with risk scores of the affected assets.