Retesting Vulnerabilities

When a vulnerability has been remediated and you want to retest that vulnerability to ensure it’s been corrected, use the Retest function in the Findings section.The Retest column contains a link to request retesting for that specific vulnerability. To request retesting for multiple vulnerabilities, select the vulnerabilities using the checkbox to the left of the Vuln ID and use Bulk Actions to request the retest.

To access and use the Findings tab, perform the following steps:

From the main WhiteHat Portal menu, click Findings.
The table displayed lists the vulnerabilities by Vuln ID, Rating, Class, Status, Last Opened/Closed, Asset Name, Asset Type, Last Retest and Retest functions.
Click Retest to request an automatic retest.
If the retest started an automatic retest of the vulnerability, the following is displayed.

Retest States

There are various retest states in the WhiteHat Portal, as shown below:

Initial Retest Statuses

When a new vulnerability is reported, it will initially be in one of these possible retest states:

Status	Description
Automatic Retest Available	If you request a retest, an automatic retest runs on that specific vulnerability.
Manual Retest Available	This status is for vulnerabilities that require manual evaluation. If you request a retest, a member of the Threat Research Center will re-evaluate the vulnerability.
Retest Temporarily Unavailable	If your vulnerability is in this retest status, a scan has been suspended. Contact us at support@whitehatsec.com so we can begin troubleshooting.
Retest Unavailable due to Access Issue	If your vulnerability is in this retest status, confirm the site is running and the appropriate credentials are available. Contact us at support@whitehatsec.com if you cannot identify the access issue.
Retest Unavailable, Site Inactive	If a vulnerability is in this retest status, the site has been set to inactive in your Sentinel account.
Retest Unavailable, Vulnerability Out of Scope	If the hostname associated with a vulnerability has been removed, the vulnerability is shown as Out of Scope. This status can also occur after a retest request has been submitted.

Status

Description

Automatic Retest Available

If you request a retest, an automatic retest runs on that specific vulnerability.

Manual Retest Available

This status is for vulnerabilities that require manual evaluation. If you request a retest, a member of the Threat Research Center will re-evaluate the vulnerability.

Retest Temporarily Unavailable

If your vulnerability is in this retest status, a scan has been suspended. Contact us at support@whitehatsec.com so we can begin troubleshooting.

Retest Unavailable due to Access Issue

If your vulnerability is in this retest status, confirm the site is running and the appropriate credentials are available. Contact us at support@whitehatsec.com if you cannot identify the access issue.

Retest Unavailable, Site Inactive

If a vulnerability is in this retest status, the site has been set to inactive in your Sentinel account.

Retest Unavailable, Vulnerability Out of Scope

If the hostname associated with a vulnerability has been removed, the vulnerability is shown as Out of Scope. This status can also occur after a retest request has been submitted.

Retest Request Statuses

When you request a retest for a vulnerability, the retest status updates. After you request a retest, the vulnerability’s retest status displays as one of the following:

Status	Description
Automatic Retest Running or Retest During Next Scan	This status indicates that there is an automatic assessment of the vulnerability currently in process. If scanning is paused per schedule, this indicates that a retest will run in the next scan.
Manual Retest Pending	This status indicates a manual assessment of the vulnerability by the Threat Research Center is pending. Expect to see a result within a business day.
Retest Unavailable, Vulnerability Out of Scope	If the hostname associated with a vulnerability has been removed, the vulnerability displays as Out of Scope. This status can also occur after a retest request has been submitted.

Status

Description

Automatic Retest Running or Retest During Next Scan

This status indicates that there is an automatic assessment of the vulnerability currently in process. If scanning is paused per schedule, this indicates that a retest will run in the next scan.

Manual Retest Pending

This status indicates a manual assessment of the vulnerability by the Threat Research Center is pending. Expect to see a result within a business day.

Retest Unavailable, Vulnerability Out of Scope

If the hostname associated with a vulnerability has been removed, the vulnerability displays as Out of Scope. This status can also occur after a retest request has been submitted.