I am trying to use the fact_asset_vulnerability_finding_date, dim_asset and fact_asset_vulnerability_remediation_date tables in datawarehouse to get days it took to remediate a vuln on an asset. However, cant really figure out how and when a vuln on an asset is marked remediated and added to the remediation_date table. If a vuln is not found on an asset in a scan due to scan settings (unauthenticated), R7 marks it remediated to that date (snapshot day). Next scan , when the vul is found , a new entry is created in the table. Has anyone figured out a way to capture days to remediate for a specific vuln on an asset.