Overview
This article walks you through the meaning of each column and status in the Findings list in Hyver.
You’ll understand how findings are categorized, how mitigation progress is tracked, and what each detail in the list tells you about your current cyber risk.
1. Accessing finding options
Click the menu icon (⋮) next to any finding to open a list of available actions.
Depending on your role and configuration, you might see options like:
Add remediation asset
Import remediations from CSV
Share finding
2. Understanding key fields
Severity
Shows the impact level of the finding, color-coded for clarity. This appears as a vertical colored bar to the left of the row.
Recommended Priority
Hyver’s smart recommendation for which findings to fix first — based on factors like severity, likelihood, critical to block, and more.
You can also configure your own prioritization focus: reduce exposure, protect high-value assets, or block high-probability attacks.
Critical to Block
Indicates whether this finding is essential to remediate because it plays a critical role in enabling an attack path.
Status
Tracks the stage of each finding:
Open – Newly discovered by CYE
To Do – Awaiting action
In Progress – Being worked on
Reopen – Previously fixed but reopened
On Hold – Temporarily paused
Fixed – Resolved (automatically updated when all related remediation assets are marked Fixed, Acceptable risk, or Not relevant)
Acceptable risk – Considered a tolerable risk and not being remediated
Not relevant – No longer applies (e.g., asset is out of scope)
Draft – A pre-open status
When a finding is marked Fixed, Hyver prompts you to describe the action taken.
A comment labeled Marked as fixed appears in the Project pane — visible to both your team and CYE. This also updates the mitigation graph and recalculates exposure or likelihood scores accordingly.
Has been verified
After a finding is fixed, you can check this box to confirm verification. A green shield appears next to verified findings.
3. Finding metadata explained
Finding Name – A short label or summary of the vulnerability
Probability – How likely the vulnerability is to be exploited
Security Domain – The category of the issue (e.g., Network Security, Application Security)
NIST Function / NIST ID – Classification under the NIST Cybersecurity Framework
Maturity level – Associated cybersecurity maturity score
MITRE ATT&CK Tactic – Mapped attacker technique or phase
ID – A unique identifier for the finding
# of remediation assets – Linked systems or assets involved
Plan – The mitigation plan this finding is part of
Effort Level – Visual cue showing how much effort is needed to fix it
Cost Level – Visual cue showing remediation cost
Creation Date / Created by – When and by whom the finding was created
Integration Ticket ID – ID from an external system like Jira or ServiceNow
Tags – Labels used for filtering or categorizing findings
Remediation Date – Target deadline for resolving the finding
Owner – The person responsible for the fix
Comments – Notes related to the finding
Sources – Where the finding came from (e.g., Hyver, a scanner, or manual input)
Type
Vulnerability – A confirmed issue
Potential – A suspected but unverified weakness
Capability – Not a vulnerability, but a link in an attack path (used in the mitigation graph)
Wrap-up / Next Steps
Knowing what each field in the findings list means makes it easier to track progress, prioritize efforts, and communicate clearly.
Take your time getting familiar with the fields that matter most to your workflow — they’re the foundation of smart risk mitigation.




