
Review scan results

The DAST scans page provides a list of all scans performed, including information about the scan profile, the time and date when the scan was performed, a count of vulnerabilities found for each severity level, and the current status of each scan. Findings that can be attributed to API specs are flagged with an API tag. API specs can come from manual uploads to a target/scan configuration, linked to a target/scan configuration, or linked from API Discovery.

From the DAST scans page, you can access the results of each scan on the Scan details page. This document provides high-level information about the Scan details page and the information you can review there.

Access scan results

When a scan is complete, Invicti emails you a summary of the results and a link to access the scan results directly.

Automate report delivery

To automatically email a report after a scan completes, follow the instructions in the New Automation document.

You can also access the scan results by following these steps in Invicti:

  1. Select Scans > DAST scans from the left-side menu.
  2. Click on the target for the relevant scan.
  3. The Scan details page opens. Use the tabs to view the scan results information.

DAST scans page showing scan entries with clickable targets to access results.

Recurring scan results

For recurring scans, only the latest scan result for a specific target appears when you open the scan. In contrast, if you run multiple scans manually, each result appears separately.

Scan details

The Scan details page provides information about the scan results, grouped under six tabs.

You can also generate a report, or export the results to XML, JSON, or CSV files to share them or review them further.

False positive and Ignored vulnerabilities

Vulnerabilities with False positive and Ignored statuses aren't displayed in reports, but might still be visible in the Scan details page.

Scan summary

The Scan summary tab provides an overall threat level rating for the target based on the number and severity of vulnerabilities discovered by the scanner. It also displays the number of found and open vulnerabilities by severity, a summary of the scan parameters and activities during the scan, discovered hosts, and the most vulnerable technologies detected on the target.

For detailed troubleshooting and analysis, you can download the complete scan logs from this tab, which provide comprehensive information about the scanning process, including HTTP requests, security checks, and performance metrics.

Scan summary tab showing threat level, vulnerabilities by severity, and scan parameters.

The left side displays a summary of the scan and its parameters:

  • Scan target name with link.
  • Screenshots taken during the scan:
    • If no simple form authentication or Login sequence recorder (LSR) is configured: screenshot of the first loaded page.
    • If simple form authentication or LSR is configured: screenshot after the authentication.
    • If authentication fails: screenshot of the failed authentication.
  • Status and the date of the scan.
  • Download logs button.
  • Target URL.
  • Scan profile, for example: Full Scan.
  • Scan owner's name.
  • Authentication profile used, for example: Simple form.
  • Application name.
  • Tags for the scan.
Overview of details related to the target and the scan settings.

Vulnerabilities

This is the list of detected vulnerabilities, ordered by severity. You can filter the information by severity and target type. For example, you may choose to view only Critical and High severity vulnerabilities.

On the right-hand side, you can change which columns appear. Click a vulnerability from the list to view all information about the detection and to change the vulnerability status.

The vulnerabilities page showing the filter bar.

Automatic vulnerability status change

If Invicti doesn't find a vulnerability with an Open status in 3 consecutive scans, the system automatically changes its status to Fixed. For more information, refer to the Retest vulnerabilities document.

For details on an individual finding, refer to the vulnerability details document.
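As an added illustration (not Invicti's own code) of the status rule just described: a small Python model that marks an Open finding Fixed once it has been absent from 3 consecutive scans, resets the count when the finding reappears, keeps user-set Ignored and False positive statuses untouched, and leaves those two out of the report as the note on reports above states. The class and function names, the reopen-on-redetection behaviour, and the sample scan history are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Status names as shown on the Scan details page.
OPEN, FIXED, IGNORED, FALSE_POSITIVE = "Open", "Fixed", "Ignored", "False positive"
CONSECUTIVE_MISSES_TO_FIX = 3  # "not found in 3 consecutive scans" -> Fixed


@dataclass
class Tracker:
    """Tracks vulnerability status across successive scans of one target (hypothetical model)."""
    status: dict = field(default_factory=dict)  # vuln id -> status
    misses: dict = field(default_factory=dict)  # vuln id -> consecutive scans without it

    def record_scan(self, found_ids):
        """Apply one scan's findings (a set of vulnerability ids) and return the statuses."""
        found = set(found_ids)
        for vid in found:
            # A (re)detected finding is Open again, unless a user triaged it as
            # Ignored or False positive; those decisions persist (assumption).
            if self.status.get(vid) not in (IGNORED, FALSE_POSITIVE):
                self.status[vid] = OPEN
            self.misses[vid] = 0  # any detection resets the consecutive-miss count
        for vid in list(self.status):
            if vid in found or self.status[vid] != OPEN:
                continue  # only Open findings age towards Fixed
            self.misses[vid] = self.misses.get(vid, 0) + 1
            if self.misses[vid] >= CONSECUTIVE_MISSES_TO_FIX:
                self.status[vid] = FIXED
        return dict(self.status)

    def mark(self, vid, new_status):
        """Manual triage from the vulnerability page (Ignored / False positive)."""
        self.status[vid] = new_status

    def report(self):
        """What a generated report shows: False positive and Ignored are omitted."""
        return {v: s for v, s in self.status.items() if s not in (IGNORED, FALSE_POSITIVE)}


def demo():
    # Constructed scan history for one target (sample ids, not real findings).
    history = [{"sqli-1", "xss-7", "hdr-3"}, {"xss-7", "hdr-3"}, {"sqli-1", "hdr-3"},
               {"hdr-3"}, {"hdr-3"}, {"hdr-3"}]
    t = Tracker()
    t.record_scan(history[0])
    t.mark("hdr-3", FALSE_POSITIVE)  # triaged by a user after the first scan
    for found in history[1:]:
        t.record_scan(found)
    return t.status, t.report()
```

In the sample history, sqli-1 is re-detected in the third scan, so its count restarts and it reaches Fixed one scan later than xss-7.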

Runtime software composition analysis findings

Outdated technologies

The availability of the Runtime SCA information depends on the scan profile used, for example Full scan.

This section lists technologies used by the scanned target that Invicti has identified as out of date. Invicti doesn't classify these as active vulnerabilities, and they don't appear in the Vulnerabilities list. However, they may still pose a risk due to the use of outdated software versions.

Select a technology from the list to view details about its detection and the recommended remediation steps.

For more information, see the documentation on Runtime SCA Findings.

Scan details page showing the Runtime SCA findings tab.

Site structure

Use this section to verify that the scan has covered all parts of your target and to identify vulnerabilities affecting a specific file or folder. Click a folder to expand the site structure tree and display the vulnerabilities detected in that part of your target. You can also click a vulnerability to show more information about the attack details, its impact, and how to fix it.

Scan details page showing the site structure tab.

Past scans

Recurring scans only

This tab is only available for recurring scans.

The Past scans tab allows you to access an overview and manage the scan schedule. You can see the summary of the last 10 scans, compare scans, and view the total number of critical, high, and medium vulnerabilities discovered.

Scan details page showing the Past scans tab with scan history and vulnerability counts.

Activity

The Activity tab provides a list of the scan events, showing when the scan started and completed, and if any errors were encountered during the scan. Click on an item to reveal more details about the scan event.

Scan details page showing the activity tab with scan events.
