
Retest vulnerabilities

To verify a fix, you can retest the vulnerability. Selecting Retest triggers a targeted scan using a custom profile to confirm the vulnerability is fixed.

  • If an Invicti retest scan confirms that the vulnerability is no longer found, it's marked as Fixed.
  • If an Invicti retest scan finds a vulnerability that had Fixed (Unconfirmed) status, it's listed as Rediscovered. If the status was Open, it remains Open.
  • All vulnerabilities are retestable.
Changes of vulnerability statuses after a retest or a scan.

This document explains how to retest vulnerabilities after a fix has been applied.

Retest a vulnerability from scan results

  1. Select Scans > DAST scans from the left-side menu.
  2. Click the scan to open the Scan details page.
  3. From the Vulnerabilities tab, click a vulnerability to open its details.
  4. Click Retest to initiate the retest scan.
Retesting a vulnerability found in a scan.
  5. A notification appears confirming that a scan has been initiated to retest the selected vulnerability.
  6. Select Scans > DAST scans from the left-side menu to see the status of the retest scan.
Retest vulnerability scan status.

Bulk retest vulnerabilities

  1. Select Vulnerabilities from the left-side menu.
  2. Select the checkboxes next to the vulnerabilities you want to retest.
  3. Click Bulk actions > Retest to initiate the retest scans.
Retest multiple vulnerabilities from the All vulnerabilities list.
  4. A notification appears confirming that scans have been initiated to retest the selected vulnerabilities.
  5. Select Scans > DAST scans from the left-side menu to see the status of the retest scans.
Bulk retest of vulnerabilities for the same target.

tip

Follow these steps to configure the automatic retest of vulnerabilities with Fixed (Unconfirmed) status:

  • Select Settings > Scanning from the left-side menu.
  • Set Automatically rescan vulnerabilities when marked as Fixed (Unconfirmed) to Yes.
  • Confirm by clicking Save changes.

For more information, refer to the Scanning settings document.


note

Don't have time to fix your vulnerabilities? Try exporting your vulnerabilities from Invicti Platform and importing them into your WAF to buy time for the fix. For more information, refer to the Exporting scan results to WAFs document.

