Report from the left menu. Then
go to New > Web Application Report
> Interactive.Note: This information applies when WAS 1.0 is enabled for your subscription.
The Web Application Interactive Report identifies vulnerabilities and sensitive content detected by the most recent scan of a selected web application. The interactive report allows you to keep changing the report settings to get different views of your web application scan data.
Note that interactive report results are not saved to Report Share, so you should download or print the report from the File menu if you wish to save it.
User Permissions: The web application scanning (WAS) 1.0 module must be enabled for the subscription. Users other than Managers and web application owners must be granted permissions in order to run web application interactive reports. See Users and WAS Features.
Select
Report from the left menu. Then
go to New > Web Application Report
> Interactive.
The Report Setup page appears.
Report Source. Select report source options. This is where you select the report target including the web application and authentication record to run the report on, the vulnerability type to display, and the URI filter.
Run. After making your selections, click Run.
The report results appear in the same window as the report source options.
You can easily make changes to your report source. To do this, go to the View menu and select the Setup Pane option. Modify your report source and click Run again to update the results based on your new selections. You can change the report source as often as you like.
Summary. This section identifies the report source setup options.
Results. The unique number of URIs detected and statistics on scan results.
Vulnerabilities Found. The vulnerabilities and sensitive content found are sorted by group. Some or all of the groups may appear in your report. The scanning engine checks for sensitive content when sensitive content search options are selected in the web application profile that is applied to a scan.
The vulnerability groups are: cross-site scripting (XSS), SQL injection (SQL), path-based vulnerability (PATH), and other vulnerability information (INFO).
The sensitive content groups are: custom sensitive content (CUSTOM), credit card number (CC), and social security number - United States only (SSN-US).
Details List. The details list identifies all vulnerabilities and sensitive content issues. For each item in the list, the report shows the group, the vulnerability ID (QID) and title associated with the vulnerability/sensitive content, and the URI on which the vulnerability/sensitive content was detected.
The following options are available from the File menu:
Print. Click to print your report. The printed report will appear as it does online, meaning that expanded sections will appear expanded and collapsed sections will appear collapsed. Before printing your report, you may select Expand All or Collapse All from the View menu.
Download. Click to download your report in PDF, HTML pages (ZIP), MHT, XML or CSV format. See Report Formats for information.