Security findings surfaced by assessments. Triage, severity, status.
List saved findings viewsReturn the caller's own views plus org-shared views.Create a saved findings viewCreate a findings view owned by the caller.Update a saved findings view (owner only)Patch an owned view. Non-owners get 404 (existence hidden).Delete a saved findings view (owner only)Delete an owned view. Non-owners get 404 (existence hidden).List findingsList findings across the caller's organization with filters + RBAC.List pending risk-acceptance approval requestsList pending risk-acceptance approval requestsApprove a pending finding risk acceptanceApprove a pending finding risk acceptanceReject a pending finding risk acceptanceReject a pending finding risk acceptanceFetch a findingFetch a single finding by public ID.Triage a findingUpdate finding triage (status, severity, fix suggestion, etc).Bulk-triage findings on the global findings listApply one status transition to many findings at once.Bulk-assign findings to a triage ownerAssign or clear one user owner across many findings at once.Bulk export findings to their assessments' issue trackersOpen one tracker issue per finding via the per-assessment target.Bulk action on findingsApply one triage action to many findings at once.Create an external issue from a findingExport a finding to its assessment's active issue-export target.List external issues for a findingReturn the export records for a finding (most recent first).List a finding's collaboration threadReturn the comment thread for a finding, oldest first.Post a comment on a findingPost a comment (optionally a reply, optionally with @mentions).Edit your own comment on a findingEdit a comment's body + mentions (author only).Delete a comment (author or admin moderation)Soft-delete a comment (author, or org admin/owner moderation).Finding activity timeline (status events + comments)Return the merged status-event + comment timeline, oldest first.Aggregate findings by severityAggregate finding counts by severity, respecting RBAC.Aggregate findings by vulnerability typeAggregate finding counts by vulnerability type, respecting RBAC.Remediation timing, triage timing, reopen rate, and open agingTime-to-remediate / time-to-triage / reopen-rate per severity + open aging.Currently-open findings past their severity SLA, worst overage firstOpen findings exceeding the org's per-severity remediation SLA.Open findings bucketed by SLA standing: breached / at-risk / on-trackOpen findings split into breached / at-risk / on-track.Posture trends: new-vs-resolved, MTTR by severity, %-within-SLABoard-deck posture trends over the finding lifecycle.Board-deck posture export (CSV / JSON)Download the full posture snapshot (remediation + breaches + trends).Compliance-control coverage rollups per frameworkMap findings to compliance controls with per-control status rollups.Export compliance evidence rows (csv|jsonl)Deterministic per-(control,finding) audit-evidence export.Run-over-run finding delta for an assessment (auto base)Compare this assessment (head) against the prior terminal project run (base).Export an assessment's findings (SARIF / JSON / CSV / VEX)Stream an assessment's findings as a downloadable SARIF/JSON/CSV file.All-frameworks compliance report for an assessment's findingsBuild the single all-frameworks compliance report.Run-over-run finding delta between two project assessmentsCompare two assessments attached to the same project.