How to interpret the scan results
This section explains how to get the most out of the Crashtest Security scan results. Crashtest Security Suite provides three views to give you the most relevant information on your projects.
You see the Home page when you log in to the application. It is also called the dashboard, as it gives you the most relevant information on a high level for all your projects.
At the top, the screen shows the number of findings by the criticality of the latest security scan.
Crashtest Security rates the findings according to the Common Vulnerability Scoring System (CVSS) version 3.
Below, you see a list of your projects, including the type of scan and the last scan time.
The status dot on the left side of the row indicates the current state of the scan. You see the current status when you hover the mouse over the dot.
If you want to add more projects, select the yellow "+" icon on the bottom right of the project list.
At the bottom of the page, you see the details of the last scan you ran, with the project name on the top. This gives you direct access to the most current vulnerabilities for quick fixing. The findings are sorted by criticality, with the most critical result at the top.
You can see more details per project when clicking on a project row.
Project Overview page
Crashtest Security Suite provides an overview of the history of scans per project and the increased security (meaning fewer vulnerabilities) over time.
You can see a visual representation of the past scans on the top. The bars show the number of findings per scan and the number and date of the scan. In addition, the results are grouped by severity, as indicated by the color scheme directly below the graph. Select the respective bar to jump to the specific scan view.
In the top right, you see the buttons for the general project actions and settings:
- Start Scan: start a scan manually.
- Preferences: change the project settings. These are described in a continuous security testing setup.
- Delete: delete the project. This will also delete the scan history, so ensure you download all documents you will need in the future.
Below the graph, you see a list of all scans, including the status, the type of scan, and the last scan time.
By clicking on a scan row or the respective bar in the graph, you will get to the overview over one scan.
Scan Details page
The scan details page gives you an overview of the specific scan results.
After a scan has been started, you can see the findings appear in the findings list in real-time.
The top left box gives general information, such as the scanned URL, the type of scan, when it started, how the scan was created, and the duration. You can hover the mouse over the individual items for more information.
The options for the scan start include "Manual," "Scheduler," or "Webhook." For more information on the settings for the scan start, see the continuous security testing setup.
This box also allows you to go quickly to a different scan number for the same project with the buttons at the bottom. Alternatively, you can also enter a specific scan number in the text field.
The top box in the middle is a pie chart visually representing the number of findings grouped by severity.
The top right box shows the maximum CVSS severity.
The top right corner shows the different options for downloading the report for this scan: either in .pdf format or machine-readable J-Unit format.
The bottom box has three tabs. Every tab has a notification bubble that shows the total amount of information displayed.
- Findings: This shows all results of the current scan.
- Scanner Status: Shows all scanners and how they performed.
- Crawled URLs: This shows all URLs that were scanned for vulnerabilities.
On the Scan Details page, the Findings tab shows the title of the vulnerability scanner, detailed information about the found vulnerabilities, and the criticality from left to right. The standard sort is by severity, but you can change that by clicking on the respective column header - for example, if you would like to find all SQL Injection vulnerabilities next to each other.
You can also filter for the scanner title or a specific description content (i.e., "certificate" for SSL certificate vulnerabilities).
To get further information about a vulnerability, select its name. This opens an overlay with an additional description. Then, to get advice on remediation of the exposure, click How to fix this issue?. This takes you to the knowledge base with a detailed explanation of the issue and how to fix it.
Scanner Status tab
On the Scan Details page, the Scanner Status tab shows the individual scanner status for this scan and any detailed information if the scanner has not run. In addition, the screenshot shows how all scanners were correctly executed.
Crawled URLs tab
On the Scan Details page, the Crawled URLs tab shows you which pages were detected during crawling and chosen for an additional security scan. Crashtest Security scans all pages to detect interactive elements, such as a GET parameter in the URL or a form sent with a POST request. An icon shows whether there was at least one vulnerability detected on that page for every page.
The next step on your journey to agile security testing is to set up the invasive testing mode. This allows you to test for a broader range of security vulnerabilities.
Alternatively, you can configure the continuous testing settings.