Audit and Scan evidences
DeepTraq maintains a complete audit trail of all scan activities, providing full transparency and accountability for security assessments. Access detailed historical data, scan logs, and technical evidence for compliance and investigation purposes.
Accessing Scan History
Navigate to the History tab in the Vulnerability Dashboard to view the complete timeline of all scans performed on your targets. This tab shows a comprehensive record with a counter indicating the total number of historical scan entries.
The History table displays all previous scan executions with detailed information for audit and tracking purposes.
Instance ID: Unique numerical identifier for each scan instance. Helps reference specific scan executions in logs and support requests.
Start Time: Clickable timestamp link showing when the scan began. Format includes date and time. Click on the timestamp to view the complete results from that specific scan execution.
Ago: Relative time indicator showing how long ago the scan was performed (e.g., "1 month ago", "just now"). Provides quick context for scan recency.
Duration: Total time taken for the scan to complete. Shows detailed breakdown including months, weeks, days, hours, minutes, and seconds. Examples include short scans and longer comprehensive assessments.
Total Findings: Number of vulnerabilities discovered during that scan. Displays numerical count or dash if scan didn't complete. Helps track security improvements over time.
Status: Current state of the scan execution with color-coded badges:
- Done (green badge): Scan completed successfully
- Scan not started (yellow badge): Scan scheduled but not yet executed
- Scan Submit Error (red badge): Scan encountered errors during execution
Summary: Visual severity breakdown showing color-coded badges with counts:
- C (Critical): Dark burgundy badge
- H (High): Red badge
- M (Medium): Orange badge
- L (Low): Yellow badge Each badge displays the number of findings at that severity level.
Actions: Three-dot menu providing access to additional options for each scan entry.
Viewing Previous Scan Results
Accessing Historical Results
Click on any Start Time timestamp link to navigate to the complete results from that specific scan execution. This opens the full Vulnerability Dashboard view with all tabs populated with data from the selected historical scan.
What You Can Access
When viewing historical scan results:
- Complete vulnerability listings from that execution
- Port scan results and service detection data
- Network topology from that point in time
- All findings with their original severity ratings
- Technical details and CVE information
- AI-generated reports if they were created
- Comparison data with other scans
Use Cases for Historical Results
Compliance Audits: Demonstrate regular security assessments and remediation progress to auditors.
Trend Analysis: Compare findings across multiple scan executions to track security posture improvements.
Incident Investigation: Review scan data from specific time periods when investigating security incidents.
Verification: Confirm that vulnerabilities were present or absent at specific points in time.
Actions Menu Options
Click the three-dot menu in the Actions column to access additional scan operations.
Download
Export scan results and reports in various formats for documentation, sharing, and analysis purposes.
Output
View detailed technical output and logs from the scan execution. This option opens a modal window showing comprehensive scan evidence.
Error
For scans with "Scan Submit Error" status, access detailed error information to understand what went wrong and troubleshoot issues.
Scan Output and Technical Logs
The Output option provides access to the complete technical evidence and logs generated during scan execution.
Output Modal Window
Header: "Vulnerability Output" - clearly identifies the technical log view
Content Display: Black terminal-style interface showing raw scan output with syntax highlighting and formatting.
Output Information Structure
Vulnerability Description: Plain text explanation of what the scan detected, including:
- Error codes and HTTP responses
- Security check results
- Configuration findings
- Technical details about the vulnerability
Divider Section: Separates main findings from additional technical data
Additional Information Section: Contains technical metadata including:
- CPE (Common Platform Enumeration): Identifies the platform or shows "null" if not applicable
- QOD (Quality of Detection): Numerical score indicating detection reliability (e.g., "80")
- Additional technical parameters and values
Expandable View: Click the chevron icon to expand or collapse detailed output sections for better readability.
Output Display Features
Code-Style Formatting: Monospace font with syntax highlighting for technical readability
Collapsible Sections: Expand or collapse different vulnerability outputs to focus on specific findings
Status Indicators: Green checkmark icons show successfully completed checks
Raw Data Access: View unfiltered scan engine output exactly as it was generated
Scan Error Details
For scans that failed or encountered errors, the Error option in the actions menu provides diagnostic information.
Error Modal Window
Header: "History scan errors" - identifies the error log view
Job Identifier: Shows the unique job ID at the top with execution time
Error Information Display:
- Error Type: Specific error classification (e.g., "ECONNRESET", network errors)
- Error Message: Human-readable description of what went wrong
- Scanner Information: Which scanning engine encountered the error (e.g., "cspm")
- Technical Details: Complete error payload with:
- Connector information
- Service account credentials (sanitized)
- Authentication endpoints
- Project identifiers
- Private keys (BEGIN/END markers with content hidden)
- API endpoints and URIs
- Configuration parameters
Expandable Sections: Click chevron to expand or collapse error details for easier navigation
Raw Error Logs: Complete technical stack trace and error output for troubleshooting
Using Error Information
Troubleshooting: Identify specific failures in scan configuration or execution
Configuration Issues: Detect problems with credentials, network connectivity, or permissions
Support Requests: Provide detailed error information when contacting support
Documentation: Record issues for internal tracking and knowledge base
Search Functionality
Use the Search Results bar at the top right to filter historical scans by:
- Instance ID
- Date ranges
- Status types
- Duration patterns
- Finding counts
Audit and Compliance Benefits
Complete Audit Trail
Immutable Record: Every scan is permanently recorded with timestamp and execution details
Evidence Collection: Technical logs and outputs serve as evidence for security assessments
Compliance Proof: Demonstrate regular vulnerability scanning for regulatory requirements (PCI-DSS, SOC 2, ISO 27001, HIPAA)
Chain of Custody: Track who ran scans, when they were executed, and what was found
Reporting and Documentation
Historical Analysis: Generate reports showing security improvements over time
Trend Tracking: Document remediation effectiveness through before/after scan comparisons
Board Reporting: Use historical data to show security program maturity and progress
Incident Response: Access historical scans during security incident investigations
Verification and Validation
Remediation Verification: Confirm vulnerabilities were fixed by comparing scans before and after patches
New Vulnerability Detection: Identify when new issues were introduced by comparing with baseline scans
Configuration Changes: Track impact of infrastructure changes through scan result comparisons
Regression Testing: Ensure fixes don't reintroduce previously resolved vulnerabilities
Regular Review
Weekly Reviews: Check recent scan history to ensure scans are running as scheduled
Monthly Analysis: Review trends in findings and remediation progress
Quarterly Audits: Comprehensive review of all scan history for compliance reporting