Three Month Vulnerability Trend

Document created by zeroorone Employee on May 29, 2013Last modified by ncrampton on Jul 18, 2013
Version 3Show Document
  • View in full screen mode

Have you ever wondered how to track the security posture of your organization and the success of your remediation efforts over time?  Have you ever asked questions like:

  • Are the number of vulnerabilities increasing or decreasing over time?
  • Are the number of assets increasing or decreasing over time?
  • Is my remediation process effective?
  • How are critical, severe, or moderate vulnerabilities changing?
  • Is the average age of vulnerabilities going up or down?

 

Here you go… Create a trend report with the attached template. This report shows key vulnerability trends so that you can easily track your security posture and the success of your remediation efforts for the past three months. Trends include assets scanned, vulnerabilities discovered, vulnerability age, severity levels, and exploit and malware kit exposures.

 

Similar to any other report in Nexpose, you can restrict the data in the report to specific sites, asset groups, or vulnerability categories based on your specific needs. For example, if you have a dynamic asset group that is configured to only include Windows Assets, you can create a trend report that displays trend charts for the Windows assets in your environment.

 

The vulnerability trend report contains several trending graphs. This chart explains how the number of vulnerabilities and assets are changing over time:

vulnerability-trend-sample.png

This chart explains how your exposure to exploits and malware kits are changing over time:

vulnerability-trend-sample-2.png

This chart explains how critical, severe, and moderate vulnerabilities are changing over time:

vulnerability-trend-sample-3.png

This chart show whether or not your remediation efforts are effective at fixing older vulnerabilities.

vulnerability-trend-sample-5.png


 

1 person found this helpful

Attachments

    Outcomes