Hi,
I have a MSSP providing vulnerability scanning service using InsightVM and I am informed that there is no easy way to pull a report from insightVM to show the closed vulnerabilities.
This sounds lame to me. I am aware of other platforms having this capability. Also isn’t this one of the audit-worthy reports that InsightVM should provide?
Reaching out here to see if any of you have faced this problem or worked around this by some other means.
Thank you,
InsightVM does not specifically track remediated vulnerabilities in any date table per asset. However the reports youre referring to, we do track remediated vulnerabilities when comparing scans to one another.
This essentially grabs two different scan results and compares the deltas. If on Scan A you had this java vulnerability but on Scan B you no longer have this vulnerability then the report would deem it remediated. Unfortunately you are right, it is something that we can (and are in the process of) improve. Were curre tly gearing up for a complete change in the logic of how the data is stored in the database and that will be one of the benefits.
However, what you could do now is set up a data warehouse. The data warehouse actually has a specific remediation_date table that does just what youre looking for. The only thing to note is that you must configure tour export to run daily and your results will only be as accurate as your scanning cadence.