is anyone using The Projects and Goals to track PCI Compliance? I am looking for a way to list assets that are compliant/non-compliant on the dashboard. I can not figure out how to scope the vulnerabilities to only include unauthenticated vulnerabilities from the scanners.
Our environment is too big to have a separate site and not link the assets. an i don’t want to rely on the console reports we are currently working on.
I have looked into creating tags to with certain vulnerability categories. I have looked at using discovered dates, but the agent report the same days as the scanners. I have tried using query builder and the filtered search but i can not figure out a way to get a list of vulnerabilities for PCI. this seems like it could be fixed if they just have a “Discovered Via” field that listed scan templates and agent.
has anyone else figured this out?