P0 App Documentation
Sign up for FreeKnowledge Base
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
      • πŸ—’οΈSession Recording
        • πŸ“¦AWS
      • πŸ”ŒJust-in-time API
        • Command API
        • Access Requests API
        • Routing Rules API
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifiers
        • AWS Lambda Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Security Perimeter
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
        • Function Caller
      • πŸ“¦AWS
        • Requesting Access
        • AWS Integration API
        • Function Caller
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
        • Installing a Custom Resource Integration
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • ⚑SIEM Integrations
      • Splunk HEC Setup
  • πŸ“Tracker integrations
    • 🎟️Jira
  • P0 Management
    • 🎩Role-Based Access Control
    • πŸ”ŒManagement API
      • Role Management API
      • Just-in-time settings API
Powered by GitBook
On this page
  • Actions
  • Attack path
  • Detailed information

Finding Details

PreviousMonitor ResultsNextJust-in-time access

Last updated 29 days ago

To view extended information for a single finding, click "view" next to a monitor result. This will open that finding's details:

Actions

Assign

If you've integrated P0 with Jira, you can assign findings for resolution. By default the assignee is manually assigned by you. If you've configured P0 for automatic assignment, assignees will be determined by the configured resource owner for the target scope in which the finding was discovered.

The created Jira ticket contains the finding description, finding context, and, if available, the resolution commands.

Ignore

To ignore a finding, click the "Ignore" button on that finding's details. The finding will no longer appear in your results, unless you select "Ignored" in the results views.

Review fix

For P0-provided monitors, P0 provides cloud shell commands that will resolve the finding. For example, for the "Unused Privileged Access" finding, P0 will provide commands to replace the vulnerable entitlement with a least-privilege entitlement.

Add notes

You can add notes, including business justifications, to findings by typing notes on the finding's details page.

Attack path

Below the finding actions, P0 displays a graphical representation of the findings attack path: How an actor holding the identity can gain risky access to your system.

Detailed information

The remainder of this page shows detailed information for the finding, and explains why this finding matched the monitor's search. For an explanation of this information, see Result Details.

The attack path view has the same capabilities as the in the Access Inventory.

πŸ€”
Graph visualization