In this article:
Purpose and Summary
When reviewing scorecard findings, sometimes it may appear that there are duplicate findings in the findings list, per issue type. In fact, each finding represents a unique measurement value, not duplicate data.
Examples:
Overall Solution
In the above example, the repeated targets "exch1.company.com" and "100.100.100.100" are repeated. Additionally, the domain "exch1.company.com" resolves to the IP "100.100.100.100". This is expected behavior for the following reasons:
- Findings by domain and IP are different and can be remediated in different ways.
For example, for the issue types related to TLS findings, an IP and domain virtual host might have to be configured separately to remediate the finding. - Each target is repeated by a unique port value. As a result of this, the findings are represented twice to represent those unique attack surfaces.
NOTE: If we detect a SNI against 1 of the SSL findings, then we can accept the removal of the finding without the SNI.