SecurAtlas integration findings are security issues detected automatically by your connected integrations and surfaced inside the platform. This page explains what findings are, how severity and status work, how findings map to your controls, and how resolving findings improves your risk score.
What are integration findings?
When SecurAtlas syncs a connected integration, it imports security issues from that provider — for example, an S3 bucket with public access enabled, a user account without MFA, or an unpatched vulnerability on a managed device. Each of these issues becomes an integration finding in SecurAtlas.
Findings are not just informational. SecurAtlas matches each finding to one or more controls in your library through the coverage map. When a finding maps to a control, SecurAtlas counts that control as auto-implemented and records the finding as evidence. This means findings directly affect your compliance posture and risk score.
Severity levels
Every finding has a severity that reflects the potential impact of the issue:
| Severity | Meaning |
|---|
| Critical | Immediate risk of data breach or system compromise. Address these first. |
| High | Significant risk that could lead to a breach if not remediated. |
| Medium | Moderate risk that should be scheduled for remediation. |
| Low | Minor risk or informational issue with limited immediate impact. |
Resolving critical and high findings has the greatest positive effect on your risk score. Prioritize these before addressing medium and low findings to improve your score as efficiently as possible.
Finding statuses
Each finding has one of three statuses:
Open — The issue was detected and has not been addressed. Open findings count against your risk score and appear highlighted on the Integrations page.
Resolved — The issue has been fixed in the source system. SecurAtlas marks a finding as resolved automatically on the next sync when the condition is no longer detected. You cannot manually mark a finding as resolved — it transitions to this status when the underlying issue disappears.
Suppressed (Acknowledged) — You have reviewed the finding and accepted the risk, or determined it is a false positive. Click Acknowledge on any open finding to suppress it. Acknowledged findings no longer count as open issues, but they are retained for audit purposes.
How findings map to controls
SecurAtlas uses a coverage map to link integration findings to your control library. When a finding matches a control’s requirements, that control is automatically marked as implemented and the finding is attached as evidence.
You can review the coverage map at any time:
- Go to Integrations and open the Coverage Map tab.
- The map shows each connected provider, how many controls it covers, how many are fully implemented versus partially covered, and the overall coverage percentage.
- Providers not yet connected also appear in the map, showing how many controls they would cover if you connected them — useful for deciding which integration to add next.
The coverage map is powered by the /api/integrations/coverage-map endpoint, which SecurAtlas queries automatically. You do not need to configure the mapping manually.
Viewing findings
On the Integrations page:
- Navigate to Integrations and click the Findings tab.
- The findings table shows each finding’s title, severity badge, source connection, detection time, and current status.
- Open findings show an Acknowledge button. Click it to suppress a finding you have reviewed.
- The findings count badge next to the Findings tab label shows how many open findings exist across all connections.
On the Dashboard:
The Automated Coverage widget on the dashboard shows a summary of open findings and estimated financial exposure. Click View Integrations Hub in the widget to navigate directly to the Integrations page.
Each connection row in the Connected table also shows its open findings count. If a connection has open findings, the count appears in red.
How findings affect your risk score
SecurAtlas uses findings in two ways to calculate your risk score:
-
Control auto-implementation: When a finding maps to a control, that control is counted as implemented. More implemented controls raise your risk score.
-
Open findings penalty: Open findings — especially critical and high severity — contribute to your financial exposure estimate and can reduce your overall score. Resolving findings (by fixing the underlying issue in the source system) or acknowledging them removes them from the open count.
The most effective way to improve your score through integrations is to connect all relevant providers, then work through open critical and high findings systematically until they are resolved or acknowledged.