Finding
Represents a security finding discovered during a pentest job. A finding contains details about a vulnerability, including its risk level, confidence, and remediation status.
Types
Properties
The unique identifier of the agent space associated with the finding.
The rationale provided by the alignment agent explaining how the finding was adjusted based on customer preferences.
The attack script used to reproduce the finding.
The file locations involved in the vulnerability, as reported by the code scanner.
The code remediation task associated with the finding, if code remediation was initiated.
The unique identifier of the code review associated with the finding.
The unique identifier of the code review job that produced the finding.
The confidence level of the finding. Valid values include FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, and HIGH.
A customer-provided note on the finding.
A description of the finding.
The identifier of the entity that last updated the finding.
The unique identifier of the pentest job that produced the finding.
The current status of the finding. Valid values include ACTIVE, RESOLVED, ACCEPTED, and FALSE_POSITIVE.
The simulated validation status of the finding. Valid values are NOT_VALIDATED, VALIDATING, CONFIRMED, NOT_REPRODUCED, and VALIDATION_FAILED.
The verification script metadata for reproducing the finding, including download URL, instructions, and required environment variables.