Understanding Your Results

Learn how to interpret your security scan results, prioritize fixes, and improve your overall security posture effectively.

10 minutes to read

All skill levels

New to security scanning? Start with theFirst Scan Guideto understand the basics before diving into result interpretation.

Understanding Your Security Score

Your security score is calculated based on vulnerability severity, code quality, and compliance factors

90-100

Excellent

Outstanding security posture with minimal or no issues

70-89

Good

Solid security with minor issues that should be addressed

50-69

Fair

Moderate security issues that need attention

0-49

Poor

Significant security issues requiring immediate action

Score Calculation Factors

Number and severity of vulnerabilities (70%)
Code quality and best practices (20%)
Compliance adherence (10%)

Vulnerability Severity Levels

How we categorize security issues and recommend response times

Critical

Fix within 24 hours

Immediate fix required

Common Examples:

SQL Injection

Remote Code Execution

Authentication Bypass

High

Fix within 1 week

Fix within days

Common Examples:

Cross-Site Scripting (XSS)

CSRF Vulnerabilities

Privilege Escalation

Medium

Fix within 1 month

Fix within weeks

Common Examples:

Information Disclosure

Weak Encryption

Input Validation Issues

Low

Fix in next release cycle

Fix when convenient

Common Examples:

Code Quality Issues

Documentation Problems

Best Practice Violations

Scan Result Sections

Understanding each part of your security report

Executive Summary

High-level overview of your security posture

Overall security score and grade
Total number of vulnerabilities by severity
Risk level assessment
Compliance status overview

Vulnerability Details

Detailed breakdown of each security issue found

Specific vulnerability descriptions
Affected files and line numbers
Code snippets showing the issue
Recommended fixes and remediation steps

Compliance Report

Standards and regulatory compliance assessment

SOC 2, PCI DSS, HIPAA compliance status
Industry-specific security requirements
Regulatory gaps and recommendations
Certification readiness assessment

Code Quality Metrics

Code quality and best practices analysis

Code complexity and maintainability
Security best practices adherence
Framework-specific recommendations
Performance and security trade-offs

Taking Action on Results

How to prioritize and address security findings effectively

Prioritization Strategy

1
Address all Critical vulnerabilities immediately
2
Fix High severity issues within a week
3
Plan Medium issues for next sprint
4
Schedule Low issues for future releases

Filtering Results

Filter by severity level
Group by file or component
Sort by fix complexity
Mark false positives

Exporting and Sharing Results

PDF Report

Executive summary for stakeholders

JSON/CSV Data

Raw data for analysis tools

Dashboard Link

Share live results with team

Next Steps

Continue improving your security posture

Advanced Scan Configuration

Customize scans for better results

Continuous Monitoring

Set up automated scanning