Daily Vulnerability Variance
The Daily Vulnerability Variance report provides a comparison of total unresolved, new, and resolved vulnerability instances in your environment from the previous day. Use this report to gain insights into the effectiveness of your vulnerability management and remediation efforts.
To access the Daily Vulnerability Variance report:
- In the Alert Logic console, click the menu icon (), and then click Validate.
- Click Reports, and then click Vulnerabilities.
- Under Vulnerability Variance, click VIEW.
- Click Daily Vulnerability Variance.
Filter the report
To refine your findings, filter your report by Select Day, Customer Account, Deployment Name, VPC/Network, Category, Severity, Variance, and New.
Filter the report using drop-down menus
By default, Alert Logic includes (All) values for most filters in the report.
To add or remove filter values:
- Click the drop-down menu in the filter, and then select or clear values.
- Click Apply.
Schedule the report
After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.
Vulnerability categories
Alert Logic discovers several types of vulnerabilities, which are divided into categories, and referred to in sections of the report:
- Agent: Security vulnerability results detected by agent-based scans (on hosts with Agent-Based Scanning)
- Cloud Configuration: Security vulnerabilities detected by cloud/CIS compliance checks
- Credentials: Security vulnerabilities detected by credentialed internal network scans
- External: Security vulnerabilities detected by external network scans
- Network: Security vulnerabilities detected by unauthenticated internal network scans
CVSS severity categories
Alert Logic uses CVSS scores to measure the severity of vulnerabilities, which are divided into levels, and referenced to in some sections of this report.
Alert Logic assigns
Severity rating | CVSS v2 score range | CVSS v3 score range |
---|---|---|
Critical | Not applicable | 9.0 - 10.0 |
High | 7.0 - 10.0 | 7.0 - 8.9 |
Medium | 4.0 - 6.9 | 4.0 - 6.9 |
Low | 0.1 - 3.9 | 0.1 - 3.9 |
Informational | 0.0 | 0.0 |
Some vulnerabilities in the National Vulnerability Database have both CVSS v2 and CVSS v3 scores. Alert Logic displays the newer CVSS v3 score and severity rating in prominent locations and both scores in detail views. If only one CVSS score exists, Alert Logic uses that score and severity rating.
Variance status
Alert Logic categorizes vulnerability instances into different statuses, which are referred to in sections of the report:
- New: Vulnerability instances that existed on the selected day, but not on the previous day
- Resolved: Vulnerability instances that existed on the previous day, but not on the selected day
- Unresolved: Vulnerability instances that existed on the selected day and on the previous day
Variance between selected days
The following sections headline the variance of vulnerability instances between the day you selected and the previous day.
Previous Total section
This section provides the total number of vulnerability instances that existed on the previous day in the selected filters.
Resolved, New, and Unresolved Total section
This section provides the number of vulnerability instances that were resolved on the previous day in the selected filters, the number of vulnerability instances that were first seen or seen again on the day you chose in the selected filters, and the total number of vulnerability instances that went unresolved from the previous day and remained on the day you chose in the selected filters.
Vulnerability Variance Details
The list provides details of the vulnerability instances that existed on the day you chose in the selected filters. The list is organized by variance and new status, vulnerability name, IP address, host name, CVSS score, and the severity category represented in a bar graph.