Vulnerability management software
that tracks every finding

Centralise every vulnerability in a single finding register

Vulnerability management is at the heart of every security engagement. Whether your team uncovers issues through manual security assessments, automated scanning, or compliance audits, each finding needs to be documented with enough detail for clients to understand the risk, prioritise remediation, and verify the fix. SecPortal's findings management module provides a structured, searchable register that captures the full lifecycle of every vulnerability from discovery to closure.

Instead of copying findings between Word documents, spreadsheets, and ticketing systems, security teams log everything directly in SecPortal. Each finding records the title, description, severity, CVSS vector, affected assets, evidence, remediation guidance, and current status. The result is a consistent, professional output that saves hours of formatting and reduces the risk of errors in client deliverables.

Five-tier severity classification

Import findings from your favourite scanners

Manual data entry is a bottleneck that slows delivery and introduces mistakes. SecPortal supports direct import from industry-standard vulnerability scanners so you can populate your finding register in seconds, not hours. Imported findings are automatically mapped to the correct severity level and linked to the active engagement.

Built for security teams, not generic project managers

Every feature in the findings module has been designed around the workflows that security teams actually use. From CVSS 3.1 vector string parsing to pre-built templates drawn from real-world assessments, SecPortal eliminates the boilerplate so your team can focus on analysis and client impact.