Skip to main content

The Finding Detail Tabs

What each tab in the Finding Details Pane shows — Overview, Mitigation, Standards, Project, Comments, and History.

This article explains the tabs in the Finding Details PaneOverview, Mitigation, Standards, Project, Comments, and History — and what each one shows.

Overview

The Finding Details Pane organizes a finding's information across six tabs. This article describes the purpose of each tab and the information it surfaces; for full definitions of individual fields, see Finding Fields.

Overview tab

Gives a structured summary of the vulnerability and its business context:

  • Summary — a short description, often including details like server names or IP addresses.

  • Description — a fuller explanation of how the vulnerability works and why it matters.

  • Business Impact — what could happen if the vulnerability is exploited.

  • Critical to Block — a calculated Yes/No field flagging whether the finding should be prioritized.

  • Security Domain — the domain the finding falls under (for example Application Security, Network Security, Identity Management).

  • Supporting Evidence — visual proof, such as screenshots, of how the finding was discovered.

Where data is available, click the copy to clipboard icon to copy a field's content.

Mitigation tab

Provides actionable recommendations for reducing the finding's risk:

  • Recommended mitigation steps — tailored to the finding's severity, associated assets, and business impact.

  • Linked remediation assets — any remediation assets tied to the finding, with their current status.

  • Associated mitigation plan — the Mitigation Plan the finding belongs to, if any.

Standards tab

Shows how the finding aligns with security frameworks:

  • NIST mapping — the NIST function (for example Identify, Protect, Detect) and subcategory ID that apply.

  • MITRE ATT&CK tactic — the tactic that best represents the attacker behavior (for example Privilege Escalation, Lateral Movement, Initial Access).

Project tab

Summarizes remediation scope and metadata:

  • Remediation Cost Level — a visual indicator of how expensive the fix will be.

  • Remediation Effort Level — a visual indicator of the effort required.

  • Remediation — remediation details, including the planned date and assigned owner.

  • Tags — tags linked to the finding; you can also delete tags here.

  • Engagement — the engagement in which the finding was discovered.

  • Creation Date — when the finding was added to the platform.

  • Integration Ticket ID — the ID of a related Jira or ServiceNow ticket, if applicable.

  • Sources — the finding's origin: the Cye platform, a platform user (manual findings), or an external integration such as Qualys.

  • Modification Date — the last time the finding was updated.

  • System ID — an internal backend identifier; use the standard Finding ID (#F-XXX) when searching.

Comments tab

Stores all comments on the finding — internal notes and explanations for status changes:

  • When you change a finding's status to Fixed, you're prompted to describe the reason, which is saved here automatically.

  • Comments your team enters are not visible to the CYE service team unless you tag @CYE Team.

Two filters help you focus:

  • User-initiated toggle — off (default) shows both user comments and system-generated messages; on shows only comments made by people, hiding automated messages.

  • Text filter — type to show only comments containing that text.

History tab

Acts as the finding's audit log — a timeline of key events: creation, status changes, field modifications, and deletions. Each entry records:

  • Member who made the change — changes made by CYE are labeled "the Cye platform"; changes made by your team show your name internally, but CYE sees only "Customer".

  • Title and Change — the field updated, shown as old value → new value.

  • Type of change — for example creation, modification, or status change.

  • Timestamp — the date and time of the change.

Modification date: any interaction with the finding updates it — manual edits to any field, and system-driven updates even when no visible value changes (such as automatic priority updates).

Audit data for the finding's creation date is restricted: only restricted members can view it while the finding is in Restricted mode. For how audit visibility follows the sharing mode, see Finding Audit & History Visibility.

Wrap-up / Next Steps

  • Use the Overview and Standards tabs to understand a finding; the Mitigation and Project tabs to plan the fix; and the Comments and History tabs to track decisions and changes.

  • For full field definitions, see Finding Fields.

Related Articles
Findings Priority Settings
The Finding Details Pane
Remediation and Asset Tabs
Editing a Remediation Asset of a Finding
Illustrate Mitigation Impact in the Graph
Did this answer your question?