How to resolve vulnerabilities

Detected a security issue in Tresal? Learn how to interpret, prioritize, and resolve findings directly from your dashboard.

Written by Matthias Peeters
Updated over a week ago

Vulnerabilities are security risks automatically detected during a scan. Each one includes context about the issue, its severity, and recommended steps to resolve it.

1. Where to find vulnerabilities

You can access and resolve vulnerabilities in two ways:

Option 1: From a specific scan

  1. Go to the Scans tab in the left-hand menu.

  2. Open the scan you want to review.

  3. Scroll to the Vulnerabilities section.

    You’ll see a list of all findings from that scan, including:

    • Risk level (e.g. Critical, High)

    • Status (Open or Resolved)

    • Type (e.g. EC2, S3, etc.)

    • Short description of the issue

    • Pass/Fail indicator based on your current configuration

  4. Click on any vulnerability to view detailed information and remediation guidance.

This view is useful when you want to investigate findings in the context of a specific scan.

Option 2: From the central Feed

  1. Go to the Feed tab in the left-hand menu.

  2. This view gives you a complete overview of all vulnerabilities across all scans and assets.

  3. Use the filters at the top to narrow down by:

    • Type (e.g. EC2, S3, etc.)

    • Risk level (Critical, High, etc.)

    • Status (Open, Resolved)

  4. Click on a finding to view full details.

The Feed is the fastest way to get a real-time overview of all open issues across your environment — regardless of scan or asset.


2. Understand the finding

Click on any finding to open the full details. You’ll see:

• What the issue is

• Why it matters (security risk)

• Where it was found (e.g. a URL or IP)

• A list of affected usernames or services (if applicable)

• A Remediation box with a concrete solution

• Reference links for deeper reading


3. Apply the recommended remediation

Tresal provides a clear, actionable fix for each issue.

Here are some real examples:


🟡 WordPress REST API User Enumeration (Low)

The REST API exposes public usernames via a predictable URL:

Remediation:

Install a WordPress plugin such as Stop User Enumeration.

This plugin prevents hackers from scanning your site for valid usernames via the REST API.


🟠 Missing SPF Record (Medium)

Your domain has no SPF record, making it vulnerable to email spoofing.

Remediation:

Add an SPF DNS TXT record like:

v=spf1 include:_spf.yourprovider.com ~all
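
To verify the record after publishing it, the following added example (not part of Tresal's product or documentation) classifies a domain's TXT records. It goes beyond the missing-record case to duplicate records and the qualifier on the "all" mechanism, following RFC 7208. The function names and sample records are constructed for illustration.

```python
# Added example: classify a domain's TXT record set for SPF (RFC 7208 rules).
# Input is a list of TXT strings, e.g. the lines printed by `dig +short TXT <domain>`.

def find_spf(txt_records):
    """Return the TXT records that are SPF policies (version tag v=spf1)."""
    spf = []
    for rec in txt_records:
        rec = rec.strip().strip('"')
        low = rec.lower()
        # The version tag must be exactly "v=spf1", then a space or end of record.
        if low == "v=spf1" or low.startswith("v=spf1 "):
            spf.append(rec)
    return spf

def assess_spf(txt_records):
    """Return (status, detail) describing the domain's SPF posture."""
    spf = find_spf(txt_records)
    if not spf:
        return ("missing", "no v=spf1 record published")
    if len(spf) > 1:
        # RFC 7208 section 4.5: more than one SPF record is a permanent error.
        return ("invalid", "multiple v=spf1 records; merge them into one")
    terms = [t.lower() for t in spf[0].split()[1:]]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        # A redirect modifier is only honoured when no "all" mechanism exists.
        if any(t.startswith("redirect=") for t in terms):
            return ("delegated", "policy is defined by the redirect target")
        return ("neutral", "no 'all' mechanism; unlisted senders are not rejected")
    first = all_terms[0]  # mechanisms after the first "all" are never evaluated
    qualifier = first[0] if first[0] in "+-~?" else "+"  # default qualifier is "+"
    return {
        "+": ("permissive", "any sender passes; the record gives no protection"),
        "?": ("neutral", "unlisted senders get a neutral result"),
        "~": ("softfail", "unlisted senders are marked suspicious"),
        "-": ("hardfail", "unlisted senders are rejected"),
    }[qualifier]

if __name__ == "__main__":
    # Constructed sample record sets.
    samples = {
        "no SPF": ["google-site-verification=abc123"],
        "page example": ['"v=spf1 include:_spf.yourprovider.com ~all"'],
        "duplicate": ["v=spf1 mx -all", "v=spf1 include:_spf.yourprovider.com ~all"],
        "allow all": ["v=spf1 +all"],
    }
    for name, records in samples.items():
        print(name, "->", assess_spf(records))
```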


🟡 Open Port 443 (Unknown) (Low)

An unknown service is running on HTTPS port 443.

Remediation:

Confirm whether this port should be publicly accessible. If not, close it or restrict it via firewall.


4. Mark the finding as resolved (optional)

After applying the fix, you can:

• Manually change the status to Acknowledged or Resolved

• Or wait for Tresal’s next scan, which will automatically update the status if the issue is no longer detected


5. Track your progress

Resolved findings will still appear in your activity log, so you can:

• Keep an audit trail

• Show remediation history to stakeholders

• Track trends in your risk reduction over time


Pro tip:

Don’t try to fix everything at once. Start with Critical and High risk findings, then work your way down.
