Vulnerability Aging Summary & Detail

Document created by ereiners Employee on Jan 18, 2013Last modified by erikc on Jul 11, 2014
Version 11Show Document
  • View in full screen mode

The Vulnerability Aging report templates are designed to provide insight into the changes in age of vulnerabilities discovered against your assets. These templates group and display vulnerabilities by the date they were first discovered. This view provides insight into newly discovered vulnerabilities, as well as those that are aging and continue to remain a threat in your network.

 

The Vulnerability Aging Summary Report is intended to answer "How many assets in my sites are subject to vulnerabilities discovered n the last 30, 60, 90, and 90+ days?". This C-level summary shows a synopsis of the sites and asset groups that the assets within the scope of your report are associated to. For each site and asset group, a summary of vulnerabilities discovered by severity is presented. The count of vulnerabilities is the number of vulnerabilities for each asset in the site or group. These details are provided:

  • Name of the site or asset group
  • Number of assets in the site or asset group (configured in the scope of the report)
  • Number of vulnerabilities in the site or asset group detected on the most recent scan of each asset, categorized by vulnerability severity and age of the vulnerability on the asset (number of days since it was first discovered):
    • <30 days
    • 30-60 days
    • 60-90 days
    • 90+ days

updated_vuln_age.PNG.png

 

The Vulnerability Aging Detail Report takes this idea one step further and answers "What assets and vulnerabilities am I vulnerable to that have been discovered in the last 30, 60, 90, and 90+ days?". The report offers detailed break-down by site, asset, and vulnerability. Each count displays the total number of instances of that vulnerability found on the asset. You can also see a breakdown of how many assets have at least one vulnerability in each severity and time category, for each site, and across your entire report scope.

 

vuln-age-details.png

 

With these reports and the Asset Filtering and Vulnerability Filtering capabilities of Nexpose, you can gain insight into risk based on the age of known vulnerabilities in your environment. Download it and upload to your Nexpose console on the "Reports -> Manage Report Templates" tab.

 

Update: What's new in the latest version?

  • Support of Tags
  • Total of row added to the summary for Asset Groups and Tags
  • Supporting aggregation by asset group in the summary report
  • Asset counts display all assets in the site or group, even if they have no vulnerabilities discovered
  • Displaying both the IP address and host name (if available) in the details report
  • Total row added to the summary for sites to total all sites in a single row
  • Style and color changes to make the reports more readable when printing in grayscale
  • Several numerical calculation problems that caused some of the values to be incorrect
  • Minor cosmetic changes
9 people found this helpful

Outcomes