Overview
Findings gives you a single, powerful view of all your vulnerability reports across every program, asset, and team. Instead of managing reports in separate inboxes, you can filter, sort, and organize everything in one place. Customize your view to match your workflow, save boards to track specific priorities, and move faster from triage to resolution. Whether you’re focused on one program or managing dozens, Findings helps you cut through the noise and take action on what matters most.
Use Cases
Findings is flexible enough to support a wide range of workflows. Whether you’re triaging daily reports or tracking program-wide progress, here are a few ways you can put it to work:
Structured Oversight: Gain full visibility across all programs, assets, and teams in one centralized view. No more jumping between inboxes, just a clear picture of where your risk is and what needs attention.
Accelerated Decisions: Quickly find the most relevant and urgent reports with advanced search and natural language queries. Whether you’re isolating all triaged PII issues or tracking vulnerabilities across a specific asset, Findings helps you take action faster.
Streamlined Remediation: Save boards to track ongoing priorities like high-impact vulnerabilities or specific business unit performance, ensuring consistent focus and faster resolution.
Focused Collaboration: Customize views to match how your teams work. Highlight key fields like severity, status, and assignee so security, dev, and triage teams stay aligned and reduce back-and-forth.
Setup Guide
Default Workboards & Views
All organizations have access to a default workboard called “Reports by severity” with seven views. These are:
Critical
High
Medium
Low
None
No Severity
All
Select which workboard you want to see in the dropdown menu at the top of the page.
Workboards
Create a New Workboard
Click the kebab menu (three dots) next to the board name at the top of the page, then click Add board.
A modal will appear prompting you to name your new board.
Click the Add board button, and your new workboard will appear.
By default, it will have one “All” view showing you all reports you have access to within this organization.
Copy a Workboard
You can also copy a workboard with all of its views instead of starting with a new one.
Click the kebab menu (three dots) next to the board name at the top of the page, then click Copy board.
This creates a new board with the same name and “(Copy)” at the end.
Rename a Board
Click the kebab menu (three dots) next to the board name at the top of the page, then click Rename board.
Type in the new name, then click Rename.
Managing Views
Create Views
Click the New view button to create a new view.
If you want to copy your current view instead of starting from scratch, click the kebab menu next to the view name, then click Copy view.
Edit Views
Clicking the kebab menu for the specific view and selecting edit columns will open the Edit table columns side menu where we can select which columns we want to show per said specific view
Click the kebab menu next to your view name
Click Edit columns
Use the menu to select which columns you wish to show or hide. You can also sort the columns by dragging them in place under the Displayed heading.
Order Views
Click the kebab menu next to the workboard name.
Click Order views
Drag the views into the order you want.
Delete View
Click the kebab menu next to the view name.
Click Remove view.
Search
Write Lucene Query Search
You can build advanced filters using boolean and nested queries on your organization's findings page. You can write your queries here using the OpenSearch syntax, which is based on the Apache Lucene syntax.
Below are some examples of how to use this.
For a complete list of fields, you can click on the i icon in the right part of the search input. This will open a modal listing all possible fields and subfields:
Using Boolean Operators
You can use AND and OR operators to refine your filters.
Use AND when you need results where both statements are true.
The example query below will comprise reports with "PNG" in the title reported by the user @jobert:
title:PNG AND reporter.username:jobert
To return results where either statement is true, use OR. In this example, the results will contain reports reported by either @jobert or @michiel.
reporter.username:jobert OR reporter.username:michiel
Using Parentheses for More Complicated Filters
You can also use parentheses to nest filters and group qualifiers.
In the example below, the results will contain reports that are either reported by @jobert with the "triaged" substate or reported by @michiel with the "new" substate.
(substate:triaged AND reporter.username:jobert) OR (substate:new AND reporter.username:michiel)
You can nest filters using parentheses up to five levels deep. Including the repo, org, or user qualifiers within parentheses is not currently possible.
Using the * Operator
You can use * to filter by fields that have a specific value present. For example, if reports have been sent to your issue tracker:
reference:*
If you want to find all reports that have NOT been sent to an issue tracker:
NOT reference:*
Filtering Findings by Custom Fields
You can use filters to pull findings by custom fields. You can use the key of the custom field to pull reports with that custom field set to a specific value.
13_squad:"Dark Matter" OR 13_source:bbp
Tip: If you need help building your query, you can always click the Ask Hai button to receive AI-powered assistance:
Export
Export vulnerability findings to a CSV file based on your current view. Clicking the button generates a CSV containing the data and columns currently visible on your screen. This allows you to control exactly what is exported from the Findings page.
Click the kabob menu next to your view
Click Export CSV
Tip: Increase the number of reports per page.