Three-month Vulnerability Trend report in Nexpose

Document created by mrongali Employee on May 28, 2013Last modified by mrongali Employee on May 29, 2013
Version 3Show Document
  • View in full screen mode

Have you ever wondered how to track the security posture of your organization and the success of your remediation efforts over time?  Have you ever asked questions like:

  • Are the number of vulnerabilities increasing or decreasing over time?
  • Are the number of assets increasing or decreasing over time?
  • Is my remediation process effective?
  • How are critical, severe, or moderate vulnerabilities changing?
  • Is the average age of vulnerabilities going up or down?


Here you go… Create a trend report with the attached template. This report shows key vulnerability trends so that you can easily track your security posture and the success of your remediation efforts for the past three months. Trends include assets scanned, vulnerabilities discovered, vulnerability age, severity levels, and exploit and malware kit exposures.


Similar to any other report in Nexpose, you can restrict the data in the report to specific sites, asset groups, or vulnerability categories based on your specific needs. For example, if you have a dynamic asset group that is configured to only include Windows Assets, you can create a trend report that displays trend charts for the Windows assets in your environment.


How can I generate a trend report in Nexpose?

1) Download the attached Vulnerability Trend template.

2) Create custom report template by uploading attached template in the Security Console Web interface.



3)  Generate a trend report with the template created above. The generated report will contain the following charts:


   This chart explains how the number of vulnerabilities and assets are changing over time:




   This chart explains how your exposure to exploits and malware kits are changing over time:



  This chart explains how critical, severe, and moderate vulnerabilities are changing over time:




  This chart shows whether or not your remediation efforts are effective at fixing older vulnerabilities.



In order to upload and generate this report, you must update to Nexpose Version 5.6.6 or later.


Please share with us any feedback you have on this new report template in the comments section below.

Note: Report generation may take longer time than other reports in Nexpose depending on the report scope.