Finding Templates
Finding templates are reusable vulnerability write-ups. Pre-fill the description, impact, and remediation once, then drop them into any report and tweak the specifics. If you find SQL Injection on every other engagement, you only have to write it up once.
The library supports full create, edit, duplicate, and delete on every tier.
Browsing
Open the Templates page and the Finding Templates tab. Filter by Category (categories form automatically from your templates, with no setup), sort by Last Updated or Title, and toggle list / grid.
Templates listed with category badges; a category dropdown narrows the list.
Creating and editing
Click New Finding, then set:
- Title: the vulnerability name (e.g. Cross-Site Scripting (Stored))
- Category: pick an existing one or type a new one
- Content fields: Description, Details, Impact, Remediation, and any custom fields, each in the full rich-text editor
To edit, click a template (or right-click → Edit). To duplicate, right-click → Duplicate (it creates a "(Copy)" you can adapt).
Admins can edit or delete any template; Editors only their own.
Using one in a report
In the report editor, click Add Finding to open the template browser:
- Browse or filter by category.
- Click a template to insert it as a new finding, pre-filled.
- Edit anything specific to this engagement.
Or click Create from Scratch for a blank finding.
The browser modal: category tabs across the top, template cards you insert with a click.
Deleting a template doesn't touch findings already created from it, because those are independent copies.
What ships by default
A fresh install includes one example so you can see the format:
| Template | Category |
|---|---|
| SQL Injection | Injection |
Open it to see how a template is structured, then use it as-is, duplicate it, or build your own library from there.