Fingerprint comparison

Before comparing runs

Use this page after a baseline scan, retest or scheduled monitoring run has completed. Fingerprint comparison is the product step that compares stable issue identities between two completed runs. Do not decide that a finding is new, recurring or resolved until the comparison uses the same accepted scope and enough evidence exists for both runs.

Compare scan fingerprints

Follow the path `Completed scan run → Baseline selection → Fingerprint comparison → Issue change states → Retest outcome or monthly summary`.

1. Open /projects/{project}/monitoring and choose the completed scheduled scan, retest or baseline run you need to compare. Result: baseline_scan_run_id and comparison_scan_run_id are visible before you interpret changes.
2. Confirm both runs used the same accepted project scope. Result: comparison only uses findings from the same authorized domain and page group.
3. Review issue_fingerprint for each finding that changed. Result: matching fingerprints can be treated as recurring evidence instead of a new title-only finding.
4. Compare current-only, previous-only and shared fingerprints. Result: the page can label findings as new, resolved or recurring without guessing from wording.
5. Open the finding detail when severity, evidence, URL or duplicate count changed. Result: changed evidence is checked before remediation, publication or monthly summary decisions.
6. Continue to Issue change states after the comparison is complete. Result: the next page explains which state drives retest, monitoring or summary actions.

Comparison result states

Use the comparison result before deciding what the customer should do next.

• New finding means the issue_fingerprint appears only in the comparison scan run.
• Recurring finding means the issue_fingerprint appears in both baseline and comparison runs for the accepted scope.
• Resolved finding means the previous issue_fingerprint is absent from the comparison run and the scan completed with enough evidence.
• Changed evidence means the fingerprint matches, but severity, URL, artifact availability or duplicate count changed and needs issue detail review.
• No change means the shared_fingerprints set did not introduce a customer-facing issue state change.

Blocked or inconclusive states

Keep these states visible instead of forcing a new, recurring or resolved label.

• Missing baseline means comparison cannot run until a completed earlier scan exists for the same project.
• Fingerprint unavailable means a finding is missing issue_fingerprint and must be reviewed through issue detail and evidence artifacts.
• Scope changed means the accepted domain, page group or URL list changed enough that the runs may not be comparable.
• Evidence incomplete means screenshot, HTML, console, network or scanner evidence is missing for a reliable resolved-state decision.
• Retest still running means the comparison_scan_run_id is not ready and issue states should not be interpreted yet.
• Redacted or private evidence means public report, export or monthly-summary wording may need a separate safe-sharing check.

Continue to issue states

Comparison is complete when baseline_scan_run_id, comparison_scan_run_id, accepted scope and issue_fingerprint groups are visible, and every changed finding has a new, recurring, resolved or inconclusive state. Use the related Issue change states page after comparison finishes. Use Inconclusive evidence when comparison is blocked, Retest outcomes when the comparison came from a fix retest, and Monthly summaries when the comparison came from recurring monitoring.