Three new reports are available to Alert Logic Managed Detection & Response (MDR) customers to help you review findings and assess details from your internal and external vulnerability scan schedules. The new Scan Host Summary, Scan Details List, and Scan Variance reports display details and vulnerability findings for a specific scope at a specific point in time, based on your scan schedules. With this information, you can compare the findings for different points in time, document remediation efforts, and demonstrate compliance.
Note: For customers familiar with Alert Logic Cloud Defender or Threat Manager scanning, these new reports in Alert Logic MDR provide the same type of information available in the Export options when reviewing scans in Alert Logic Cloud Defender and Threat Manager.
New Scan Reports
With this release, three new reports are available:
- Scan Host Summary: The Scan Host Summary report provides a breakdown of vulnerable hosts and vulnerability instances found by the selected scan with asset-level detail. For more information on this report, refer to our Scan Host Summary documentation.
- Scan Details List: The Scan Details List report provides a detailed list of each vulnerability found by the selected scan. For more information on this report, refer to our Scan Details List documentation.
- Scan Variance: The Scan Variance report provides a comparison to the previous scan for new, resolved, and unresolved vulnerability instances found by the scan. For more information on this report, refer to our Scan Variance documentation.
Note: To view details on these reports, you must first select a specific scan schedule and scan start date using the filters at the top of the report.
Accessing the New Scan Reports
These new reports can be accessed in two ways – from the Reports menu and from Scan Schedules. When accessed along with other Vulnerabilities reports in the Reports menu, you can view information from multiple or specific scan schedules and determine which scan dates (recent and historical) to include in the report. If you want to view the most recent details for a specific scan schedule, you can also access these reports from Scan Schedules.
To access these reports with other Vulnerabilities reports, navigate to (navigation menu) > Validate > Reports > Vulnerabilities > Scan Schedule Breakdown.
From this page, the three new reports can be accessed and scheduled. Use the filters available on each report to view details from specific scan schedules and past instances of the scans.
To access the most recent findings from specific Scan Schedules, navigate to > Configure > Deployment > select a deployment > Scan Schedules. For any existing scan schedule, click View to show a summary of the scan schedule. Three new buttons display at the bottom of the summary for the three new reports.
Click the corresponding button for the report you want to view. The report opens in a new browser tab or window with filters in place to review the most recent details.