How to interpret scan results

Learn how to interpret scan results

Written by Ana Pascoal
Updated over a week ago

After setting up your target at Probely, you can start a scan and access its details (scan results) to visualize the progress and results of the scan with real-time updates.

On this page, you will find three valuable sections to analyze and interpret a scan:

  • Progress, with the progress of the scan and access to detailed information.

  • Findings, with the list of vulnerabilities found by the scanner.

  • Reports, with a couple of options for reports about the scan.

This article provides all the details on these three sections, but you can also watch this video for an overall view of Scan Details.

Progress

Once the scan starts, you will see in this section the evolution of the three major components at play in a scan, each one with a specific job:

  • The fingerprinter detects the technologies used on the target.

  • The crawler goes through the target's URLs and interacts with every element found, clicking on buttons and filling out forms, among other actions.

  • The scanner finds vulnerabilities within the target's URLs obtained by the crawler.

To further understand the details of each component, expand the section by clicking on the Show more button.

Here, you will find the specific details of the work performed by each component:

  • Fingerprinter - Shows the list of technologies detected.

  • Crawler - Shows the number of crawled URLs and how many were deduplicated. It also shows whether the login was successful or not, and the statistics of the HTTP response codes obtained during the crawling, which can be relevant to figuring out issues that may require attention.
    If the Crawler is still working, you will also see which URLs are being crawled at the time.
    If you need to check the complete list of crawled URLs, issue a report as described in the Reports section.

  • Scanner - Shows the number of scanned URLs, the average time it took, and, similarly to the Crawler, the statistics of the HTTP response codes obtained, which can be relevant to figuring out issues that may require attention.
    If the Scanner is still working, you will also see which URLs are being scanned at the time.

To know more about the HTTP response codes displayed in the Crawler and Scanner details, read this article about HTTP status codes in scans.

Findings

In this section, you can see the list of all the vulnerabilities found by the scanner during the scan.

Depending on the type of vulnerability found, its exploitability, impact, and scope, a CVSS score and risk/severity classification are attributed to the finding, helping you prioritize the vulnerability fixes.

In general terms, vulnerabilities with a more significant impact that can be easily exploited have a higher risk. Vulnerabilities with a lower impact that are more complex to replicate and require several specific conditions to be exploited likely represent a lower risk.

Here, you can analyze the findings and decide which actions to take.

Reports

At the top of the scan details is a group of buttons under DOWNLOAD REPORTS to issue and download different reports.

The buttons available depend on the state of the scan, but can be the following:

  • SCAN REPORT - Once the scan finishes successfully, this button is available to issue and download a scan report, which you can share within your company or with your auditors/customers. The report lists the vulnerabilities found, along with a detailed description and ways of fixing them, as well as a list of all the tests performed during the scan. Depending on the type of report, it can have additional information on tests performed for specific compliance standards, such as OWASP Top 10 or PCI-DSS.

  • PRELIMINARY CRAWLING REPORT - While the scan is running, this button is available to issue and download a provisional coverage report. It allows you to check the endpoints the scanner has reached so far. Bear in mind, however, that this report might be subject to change until the scan finishes.

  • CRAWLING REPORT - Once the scan finishes, this button is available to issue and download the final version of the coverage report. It allows you to check every endpoint the scanner reached during the entire scan.

The crawling reports provide the details behind the Crawler information shown in the Progress section.
