Findings may be manually uploaded or imported from tooling such as Burp or Nessus. Make sure that you’ve exported findings from your tooling into CSV, Excel, or XML format before beginning your import.
1. Go to Pentests in the left-hand menu
2. Click on the relevant Pentest
3. Move to the Findings Menu in the Pentest Dashboard
4. Click the “Import/Export” button on the file. Click here to see an example file.
5. Choose the file from the hard drive or drag and drop it to the Dashboard
6. Wait for the File to Upload
7. Update settings
- Asset Matching – Automatically link imported findings to an asset
- Instances – Aggregate findings found across multiple assets/IPs
- Auto-Fill – Use Cyver Core databases to auto-fill CWE, CVSS, and other data
8. Select specific Findings to edit or upload
9. Confirm import. This may take a few minutes
10. Click “Go to Findings” to see data.
11. You may edit findings manually to check description, upload evidence files, etc.
12. The Client will not see Findings until you publish them as “Pending Fix”. Once published, the Client can see the name of the Finding, which type of Finding it is, what it is linked to, and all communication from the Pentester. The Client will also see the Pentester who published the finding.
Findings will populate in the dashboard.
You may manually click on and edit each finding to add more information. Finding descriptions support Markdown