Skip to main content

Understanding your dashboard and risk score

Once your first scan is complete, you’ll land in the Tresal dashboard — your command center for managing external risks. This article walks you through what you see and what it means.

Matthias Peeters avatar
Written by Matthias Peeters
Updated over 2 months ago

1. Your overall exposure

At the top of your dashboard, you’ll see a summary of:

• Number of scanned domains and IPs

• Total findings detected

• Distribution across risk levels

This gives you a clear starting point to assess your external exposure.

2. Risk levels explained

Tresal categorizes each finding into one of the following levels:

• 🔥 Critical – Immediate security risk, often actively exploitable

• 🔴 High – Serious issue that could lead to compromise

• 🟠 Medium – Moderate risk, such as missing security headers or DNS records

• 🟡 Low – Minor issues like open ports without identified services

• 🔵 Info – Informational, no direct action required

🎯 Focus first on Critical and High findings — these pose the greatest risk.

3. Findings overview

The Findings section gives you a detailed, prioritized list of all issues Tresal discovered.

Each entry includes:

• The affected asset (domain, subdomain, IP)

• The finding type (e.g. Missing DMARC Record)

• The assigned risk level

• A description of the issue

• A suggested remediation

Example: What your findings might look like

🟠 Missing DMARC Record (Medium)

A DMARC policy is missing. This exposes your domain to email spoofing and phishing.

Fix: Add a DMARC record in your DNS (e.g. v=DMARC1; p=none).

🟠 Missing SPF Record (Medium)

Without SPF, mail servers can’t verify which domains are allowed to send on your behalf.

Fix: Add an SPF record like v=spf1 include:_spf.yourprovider.com ~all.

🟡 Open Port 443 (Unknown) (Low)

HTTPS port detected with no identified service.

Fix: Confirm it’s needed. If not, close or restrict access.

🟡 Open Port 80 (Unknown) (Low)

HTTP port detected with unknown service.

Fix: Same as above — review and restrict if unnecessary.

4. Filters and search

Use filters at the top of the dashboard to:

• Focus on specific risk levels

• View only certain domains or IPs

• Hide resolved findings

• Track newly discovered issues

This helps you prioritize your response and reduce noise.

5. Activity timeline

You’ll also find a timeline of key events:

• Completed scans

• New findings

• Status changes (e.g., from Open to Resolved)

This helps track your remediation progress over time.

Tip: Make it a habit to review your dashboard weekly — or turn on notifications to stay informed when new risks appear.

👉 Next up: How to resolve vulnerabilities

Related Articles
How to resolve vulnerabilities
Understanding your attack surface
Risk levels explained
From unknown assets to fixed issues — Your first 7 days with Tresal
Did this answer your question?