4 Replies Latest reply on Apr 24, 2012 6:12 PM by gooru4speed

    Asset Report, what is the correct setup?

    gooru4speed

      Hi everybody!

      I need some help with asset report. The report I need is very simple: high and medium vulnerabilities report. According what Cathy said on another discussion I created a new asset report from the ground and I configured filters as it is shown in the attached picture. In the Sections configuration I only checked Foundcore. Check please the attached picture from the report and verify that it was included informational, low, medium and high vulnerabilities, when the filter setup was only for high and medium vulns.

       

      Please I need your advise to understand if my MVM is not working well or I have a misunderstanding of asset reports configuration.

       

      Thanks!

      JR

       

      Asset Report Filter Config

      MVM_Asset_Filter.jpg

      Asset Report Sections Config

      MVM_Asset_Sections.jpg

      Asset Report Results

      MVM_Vuln_Report.jpg

        • 1. Re: Asset Report, what is the correct setup?

          Hi there,

           

          In the first screenshot, that section is meant to filter out the particular assets (scanned targets) you'd like to include in the report. Now if you look closely at the second screenshot there is a section you've left unchecked named "Vulnerability assessment". You need to check that box than follow up by clicking on the link to select the vulnerabilities. From there you would include a "Vuln Set" that is configured Med and High Sev vulnerabilities.

           

          Hope you find that this resolves your issue.

          • 2. Re: Asset Report, what is the correct setup?
            gooru4speed

            Thanks for your reply Moniker. If Section tab will setup the "filter" to get High and Medium vulns. what is the purpose to include "Vulnerability Severity" option in Filter tab?

            By the way get the report based on "Vuln Set" it is a non dynamic configuration, if a new high or medium vulnerability appears and you dont't manually update the "Vuln Set" that new vulnerabilities won't appear in following reports.

            • 3. Re: Asset Report, what is the correct setup?

              I believe the point of the vulnerability severity in the filter tab, is to allow you to include assets that have vulnerabilities matching the level you've filter for (in your case med and high). But if those assets also have low and info severities, those will also be added to the report as you've encountered and prompted this thread.

               

              So filter tab is used for filtering the list of assets you want to appear on the report, the sections tab allows you to filter out the vulnerabilities you want to appear on the report.

               

               

              As far as I know, when you use rule-based vuln sets than future vuln updates are added to the vuln set automatically. If you created you're vuln set by checking off the individual vulnerabilities, then new updates are not be included.

              1 of 1 people found this helpful
              • 4. Re: Asset Report, what is the correct setup?
                gooru4speed

                Thanks so much Moniker, I'm starting to see the light at the end of the tunnel.