CodeWallDocs
How-to Guides

Explore Results

How to navigate, filter, and act on findings after a penetration test.

After a test completes, the findings dashboard gives you everything you need to triage and remediate vulnerabilities.

Viewing findings

  1. Navigate to Findings in the sidebar
  2. Click on a completed test to view its findings
  3. Findings are listed by severity (Critical first)

Filtering and searching

Use the filters to narrow down findings:

  • Severity — show only Critical and High findings
  • Status — filter by Open, In Progress, Resolved, or False Positive
  • CWE — filter by vulnerability type
  • Target — filter by specific host or path

Reading a finding

Each finding page includes:

Summary

A concise description of the vulnerability, where it exists, and its potential impact.

Attack chain

The full step-by-step sequence showing how the agent discovered and exploited the vulnerability. Each step shows the HTTP request, response, and the agent's reasoning.

Proof of concept

Reproducible evidence — typically raw HTTP requests you can replay with curl or your preferred tool. Use this to verify the finding and confirm your fix.

Remediation

Specific guidance on how to fix this instance, plus general best practices to prevent the same class of vulnerability.

Bulk actions

From the findings list, you can:

  • Export to CSV — download findings for external tracking
  • Export to PDF — generate a formatted report for stakeholders
  • Push to Jira — create tickets for each finding (requires ticketing integration)
  • Mark as resolved — batch-update status after remediation

AI chat

Each test run has a built-in AI chat interface. Use it to ask questions about the run — for example, what the agent tried, why certain findings were flagged, or what areas of the target had the most coverage.

Individual findings also have their own AI chat for deeper analysis. See Understanding Findings for more.

Comparing test runs

If you've run multiple tests against the same target:

  • New findings are flagged as New
  • Previously found issues that still exist are flagged as Recurring
  • Issues that no longer appear are flagged as Resolved

This makes it easy to track remediation progress over time.

Set Execution Options

Configure pentest mode, scheduling, stop conditions, compliance, and AI guidance.

Validate with Canaries

How to plant known vulnerabilities to verify CodeWall's detection capabilities.

On this page

Viewing findingsFiltering and searchingReading a findingSummaryAttack chainProof of conceptRemediationBulk actionsAI chatComparing test runs