Filter a vulnerability report by date?
Working on my compliance evidence and trying to gather vulnerability scans on a specific date and not finding any way to grab a single day older than two weeks or so. I can see individual dates in the monthly scan but there isn't any way I can find to drill down and see the scan results for any particular day in the past 12 months. Is there a report with this filter and information? (A date picker rather than drop-down for reports would be super!)
-
Official comment
Hi Anthony! Thanks for your question. There are a few options depending on what you need to view and what platform/subscription you have with Alert Logic.
If you are using Alert Logic Cloud Defender or Threat Manager, you can access the last 10 scan executions for a specific scan policy at Overview > Scans. Additionally, under Reports > Scheduled > Vulnerability Reports, there are three vulnerability reports that you can run for a specific date range.
If you are using Alert Logic Managed Detection & Response, new reports are available that allow you to see scan details from specific scan schedules. These are available at Validate > Reports > Vulnerabilities > Scan Schedule Breakdown. However, these reports were released on March 25, so no data is available before then. If you don't need the full scan details, the Vulnerability Variance Reports (available at Validate > Reports > Vulnerabilities > Vulnerability Variance) provide summary information for up to the last 9 months.
I hope this helps! Please let us know if you have any additional questions. If you need more specific historical data, you can create a ticket to get assistance from our Support team.
-
It sounds like I need a scan schedule breakdown but all of the dates I need to pull are prior to the 25th. For context, we are testing our controls around vulnerability remediation which state any vulnerabilities found must be remediated within a certain timeframe based on severity. I would like to determine that x was here on the 1st and gone within 30 days, for instance. It sounds like we may need to work with our auditors to find a creative solution this year. I'll file a ticket as well to see if this is something Support is able to provide us with. It would be dandy if you could backport the data into the scan schedule breakdown (or at least prior 12 months which is a typical audit timeframe) :)
0
Please sign in to leave a comment.
Comments
2 comments