Historical report of Vulnerability Counts

I need to create a report to meet regulatory requirements that can provide the following information:

• Time period: 12 month period in the past.
• Vulnerability Counts, broken down by CVSS v3 Low, Med, High, Critical severities:
	○ Detected vulnerabilities.
	○ Remediated vulnerabilities.
	○ Open vulnerabilities.
• The above counts should include vulnerabilities on assets that have been removed.
• Asset Scoping to be determined by a regex pattern matching against asset names.
• Notes
	○ Our Console has been configured to use Active Risk strategy.

I reviewed this SQL Query Export, but it looks to use a baseline scan rather than a historical time period.

I’ve explored various Dashboard cards but the appropriate cards provide counts for just a few weeks.

It seems that the Query Builder doesn’t have the capability to report on historical counts, especially for deleted assets.

I’ve explored the Console-generated reports, as well, but I can’t find a report that can be configured to the above requirements.

Any insights would be greatly appreciated :slight_smile:

1 Like