P0 App Documentation
Sign up for FreeSandbox
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
      • πŸ“¦AWS
        • Requesting Access
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Integrate P0 with Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • πŸ”ŒSIEM Integrations
      • Splunk HEC Setup
  • P0 Management
    • 🎩Role-Based Access Control
Powered by GitBook
On this page
  • Actions
  • Attack path
  • Detailed information

Finding Details

PreviousMonitor ResultsNextJust-in-time access

Last updated 11 days ago

To view extended information for a single finding, click "view" next to a monitor result. This will open that finding's details:

Actions

Assign

If you've integrated P0 with Jira, you can assign findings for resolution. By default the assignee is manually assigned by you. If you've configured P0 for automatic assignment, assignees will be determined by the configured resource owner for the target scope in which the finding was discovered.

The created Jira ticket contains the finding description, finding context, and, if available, the resolution commands.

Ignore

To ignore a finding, click the "Ignore" button on that finding's details. The finding will no longer appear in your results, unless you select "Ignored" in the results views.

Review fix

For P0-provided monitors, P0 provides cloud shell commands that will resolve the finding. For example, for the "Unused Privileged Access" finding, P0 will provide commands to replace the vulnerable entitlement with a least-privilege entitlement.

Add notes

You can add notes, including business justifications, to findings by typing notes on the finding's details page.

Attack path

Below the finding actions, P0 displays a graphical representation of the findings attack path: How an actor holding the identity can gain risky access to your system.

Detailed information

The remainder of this page shows detailed information for the finding, and explains why this finding matched the monitor's search. For an explanation of this information, see Result Details.

The attack path view has the same capabilities as the in the Access Inventory.

πŸ€”
Graph visualization