Provide customers with a way to query what vulnerabilities have been remediated for a given date range AND/OR by the vulnerability remediated date. For example: vulnerable.remediated = true / false , vulnerability.remediated.date
I am finding it CRAZY that there is no way to query all vulnerabilities that have been remediated (mitigated) for a specific time frame in Query Builder / Explorer. You also cannot do it in the Vulnerabilities page, nor can you do it with a linked dynamic asset group either.
Moreover, there is no console or cloud report that gives you this capability.
First, I tried the ‘New vs. Remediated Vulnerability Comparison Over Time’ dashboard card, but it does not allow for exporting both new and remediated in one CSV. Also it does not provide the remediated date for the vulnerability or the last observed/scanned date.
I am trying the SQL query ( insightvm-sql-queries/sql-query-export/New-and-Remediated-Vulns-with-Vuln-details.sql at master · rapid7/insightvm-sql-queries · GitHub, for an auditor request that requires we produce all active and remediated vulnerabilities from 10/1/23 to 10/1/24. This is also within our data retention period as well.
The SQL query preview works and shows some results with no remediated date for each vulnerability. But when you run the report, it produces a CSV without date it was remediated or even an accurate scan date. The 9,533 rows all show a time and no date:
**This is critical for regular auditors and compliance. **