Would anyone from the #insightvm team at Rapid7 be able to jump in and explain how New vs Remediated comparison over time and New vs Remediated vulnerabilities over time work? I see a few posts unanswered here on the subject, and I can’t find anything concrete in the docs either.
Looking at mine as an example, I have filtered for this month and even going by the modified date I can see vulns listed as far back as July 2020. In this context, what qualifies as new?
From a management perspective, in the last month we have 20K “new” vulnerabilities, of which we have only remediated 2K.