Hi everyone. I’m new to Rapid7 and not too experienced with SQL. I’m looking to make a report that will generate a list of all vulnerabilities with a CVSS score of 7 or higher that are over 60 days since the date they were first discovered by a scan. I would be looking to limit this report to an asset group that we have called Workstations. I would like for the report to also display the proof of the vulnerability along with the solution. If anyone has something along these lines that they would like to share that would be appreciated. Thank you.
Hi Gabe,
We already have a similar yet not exact answer to what you are lookin for as a card available in the InsightVM dashboard. It is called the Vulnerability Discovery Date by CVSS Score card. Shows you almost most of what you need, and you can make a static remediation project (which should show you the solutions and help track the progress of remediating those vulnerabilities) out of just selecting the section of vulnerabilities of you are looking for , you can also apply a query which can help scope down the view to just those assets in your asset group
https://docs.rapid7.com/insightvm/query-in-cards
https://docs.rapid7.com/insightvm/remediation-workflow
I hope this helps, without having to do a SQL query.
Or directly use the Query Builder:
Thanks everyone for the suggestions. The reason I was looking to do a report is that we have some executives that while they dont log into Rapid7 have gotten accustomed to having a report generated that shows what systems have high/critical vulnerabilities over X days old and what those vulnerabilities are. So we used to have a report that would list system 1 and then any vulnerabilities detected on that system that were over 60 days old and a CVSS score of over 7 and then iterate through the system.
I’m sure something like this is possible in Rapid7 but my knowledge of SQL is rather limited at this point so I wanted to see if anyone had something similar that I could modify to fit this requirement. Thanks.