All, I have been trying to generate an Asset Report based on a current scan so I can get the First Found / Last Found columns populated and that has been a success to some degree. When I generate this report on a currrent scan that was run, the report is pulling in more vulnerabilities than what was reported in my scan vul csv file.
Does anyone have a trick to get the asset report on a scan to match up exactly to the actual vul csv files from the same scan?
When using Scan Name as a filter in your asset report you are limiting the report to display the assets that were found in the scan. The asset report is intended to report all information known for the assets...which is why you see all vulnerabilities found even from other scans. The scan name is only providing the asset report with a filtered list of assets. To get closer to what you are seeing in a scan report you could limit the vulnerabilities displayed in the report to only display the vulnerabilities selected in the scan of concern. In the Sections tab of the asset report template click 'Select Vulnerabilities'. If you are using a Vuln Set this gets even easier. You can chose the vuln set in the drop down...otherwise you can manually check the vulnerabilities you would like to see in the report.
Hope this was helpful,