I am trying to develop a report to help with compliance reporting. I need the report to show:
- number of new vulnerabilities (CRITICAL, HIGH, MEDIUM, LOW)
- number of remediated vulnerabilities (CRITICAL, HIGH, MEDIUM, LOW)
- number of outstanding vulnerabilities (CRITICAL, HIGH, MEDIUM, LOW)
Period is last 90 days and I want to use the ‘first discovered date’ as the date to determine what vulnerabilities to include for new.
Rating scale below:
|None|0.0|
|Low|0.1 - 3.9|
|Medium|4.0 - 6.9|
|High|7.0 - 8.9|
|Critical|9.0 - 10.0|
It baffles me why this is so difficult to obtain from Rapid 7…