Several years ago, Alert Logic® introduced an algorithm to our FusionVM scanning engine to eliminate duplicate scan results. The algorithm reduced the number of findings shown within the Alert Logic console by deduplicating and consolidating the results that a vulnerability assessment scan produced.
Alert Logic has transitioned away from consolidating scan results due to both customer feedback and changing industry standard, which encourages reports to show duplicate issues on every port that they appear on. All scan results will now be enumerated on every port that issues are detected on. This allows customers to understand exactly where an issue manifests to ensure that all instances of the issue are fixed during the first attempt at remediation.
While there are no actions that you need to take around this update, you should expect to see a 10-15% increase in the number of distinct vulnerabilities listed in scan reports on your Vulnerability List and Remediations List in the Alert Logic console.
You may notice vulnerabilities that look like duplicates appearing on your reports. These are not duplicates, but rather different access points for the same software or application that has been detected as vulnerable. The following image is an example of duplicate-looking vulnerabilities that you may see in the Alert Logic console.