Interactive Lab

Case: Security Assessment with Partial Data

Interactive Lab

Exercise 1 of 3 | Points: 0 / 80

Back to Case

Multi-Scanner Result Correlation

intermediate

Correlate findings from two vulnerability scanners with different results.

points

Instructions

Two scanners produced different results for the same target.
Determine which findings are genuine and which are false positives.

Steps:

Compare Scanner A (12 high-risk) vs Scanner B (3 medium-risk) results
Identify overlapping findings
Assess false positive probability for each unique finding
Create a consolidated vulnerability list

Submit with:

confirmed_vulnerabilities: list of confirmed findings
false_positives: list of likely false positives
uncertain: list of findings needing manual verification
confidence: 0.0 to 1.0

Initial Data

{
  "scanner_a_results": [
    {
      "id": "SA-001",
      "type": "sql_injection",
      "severity": "high",
      "confidence": 0.9
    },
    {
      "id": "SA-002",
      "type": "xss_reflected",
      "severity": "high",
      "confidence": 0.7
    },
    {
      "id": "SA-003",
      "type": "xss_stored",
      "severity": "high",
      "confidence": 0.6
    },
    {
      "id": "SA-004",
      "type": "csrf",
      "severity": "high",
      "confidence": 0.85
    }
  ],
  "scanner_b_results": [
    {
      "id": "SB-001",
      "type": "sql_injection",
      "severity": "medium",
      "confidence": 0.8
    },
    {
      "id": "SB-002",
      "type": "outdated_software",
      "severity": "medium",
      "confidence": 0.95
    },
    {
      "id": "SB-003",
      "type": "weak_tls",
      "severity": "medium",
      "confidence": 0.9
    }
  ]
}

Your Submission

Confirmed Vulnerabilities

False Positives

Confidence

Exercises

Available Tools

Vulnerability Scanner

Cve Database

Score

of 80 points