Findings

Overview

Triage security findings from repository reports and GitHub advisories in one org-wide queue.

Findings (/app/findings) is the organization-wide queue for security issues that need review. Findings can come from repository reports or GitHub repository security advisories on connected repos.

Finding sources

| Kind | Origin | Typical content |
| --- | --- | --- |
| repository_red_team | A repository report run | Issues discovered during codebase analysis |
| github_advisory | GitHub advisory webhook | Incoming GHSA/CVE-style advisories for connected repos |

Both types appear in the same table so security teams have one place to work.

Findings list

The table includes title, risk level, source, triage status, linked report, and timestamps. Filter and sort to prioritize high-risk or unassigned work.

When no findings exist yet, the empty state links to Reports to create a repository report that can generate findings.

Finding detail

Open a finding at /app/findings/[findingId] to:

  • Read description, CWE IDs, CVSS vector, and advisory links
  • View triage summary and recommendations when AI triage has run
  • Update triage status (organization owners on supported deployments)
  • Start or monitor triage runs with sandbox evidence and logs
  • Navigate to the parent report for full scan context

Triage workflow

  1. A finding appears after a report completes or GitHub publishes an advisory.
  2. Assign or set status to reflect ownership (open, in progress, resolved, etc.).
  3. Optionally run automated triage to produce a structured summary and verification notes.
  4. Track remediation in your issue tracker; use the finding page as the system of record in Superagent.

GitHub advisories vs legacy Advisories page

Advisory triage previously lived under Protection → Advisories (/app/protection/advisories). New work should use Findings, which includes GitHub advisories alongside report-derived issues.

Next steps