Hi Team, I am starting to lean into Remediation Projects and getting my systems teams onboard with them as well. I like the idea of empowering them to work independently and get myself out of the way in terms of being the middleman who has to generate a CSV report and email it.
Two pieces of data they are asking about and seem to be missing is the Last Scan Time and Vulnerability proof. Both of these are included in the CSVs that we currently send them.
Is there a way to get this information directly from the Remediation Project Screen? Am I Just missing it?
This is a great question - listening …
As far as I know, this can’t be done. I went down a similar rabbit hole. It’s frustrating because the number one thing I’m asked for is proof, and the number two thing is “when.” It would be really helpful if I didn’t have to go to a whole different place for that.
In the created remediation project, we can not find last scan time and vulnerability proof(Instances, we have to check manually)
If you want to find last scan time and vulnerability proof - go to vulnerabilities dashboard, apply filter with CVE ID or vulnerability title or available filters.
Then click on the CVE or vulnerability, you will get new page of vulnerability details and find the details at asset affects then you can export it.
I think the best way might be to use the SQL Query Report option and use a query like the one here
Glad to see others are interested in this.
Since posting this I have gotten with Rapid7 support and they confirmed this is not currently possible.
This is my #1 feature request and I am told they have the feature request in their system but no ETA.
To have to jump back to the legacy Vulnerability Screen or even worse generate a SQL query is pretty onerous and painful considering how powerful and simple the Query Builder and Projects are.
I have stopped using Remediation Projects in general, because sending one to a teammate always just results in them asking “can you send the proof?”, If I have to go export the proof separately, making the project in the first place was pointless. I might as well just start with the SQL Query or CSV export.
FYI, in the InsightVM roadmap call from the end of March, the R7 said this was coming “later this year”. Can’t wait