Monthly Vulnerability Analysis

The Monthly Vulnerability Analysis report provides insights into vulnerabilities and vulnerable assets found in your environment, including vulnerabilities by severity and age, vulnerability trends, vulnerabilities by day and severity, and top vulnerable hosts, networks, and deployment lists for the selected month. Use this report to gain insights into the effectiveness of your vulnerability management, help prioritize your efforts, and focus on specific areas in your environment.

This report presents data for an entire month, which immediately becomes available in the beginning of the following month.

To access the Monthly Vulnerability Analysis report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Vulnerabilities.
  3. Under Vulnerability Analysis - Full Report, click VIEW.
  4. Click Monthly Vulnerability Analysis.

Filter the report

To refine your findings, filter your report by Select Month, Customer Account, Deployment Name, Category, Severity, CVSS Score and Asset Type.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

CVSS severity categories

Alert Logic uses CVSS scores to measure the severity of vulnerabilities, which are divided into categories, and referenced to in some sections of this report.

Alert Logic assigns each vulnerability instance with a severity rating based on the CVSS score set by the National Institute of Standards and Technology (NIST) and reported to the National Vulnerability Database. Alert Logic supports both CVSS v2 and CVSS v3 scores.

Severity rating CVSS v2 score range CVSS v3 score range
Critical Not applicable 9.0 - 10.0
High 7.0 - 10.0 7.0 - 8.9
Medium 4.0 - 6.9 4.0 - 6.9
Low 0.1 - 3.9 0.1 - 3.9
Informational 0.0 0.0

Some vulnerabilities in the National Vulnerability Database have both CVSS v2 and CVSS v3 scores. Alert Logic displays the newer CVSS v3 score and severity rating in prominent locations and both scores in detail views. If only one CVSS score exists, Alert Logic uses that score and severity rating.

Vulnerabilities by Severity section

This section provides the vulnerability count in each CVSS severity category for the selected month.

Vulnerabilities by Age section

This section provides the vulnerability count in each age category for the selected month.

Vulnerability Instance Trend

This section provides a comparison of the vulnerability count for the selected month, and the previous month of the one you selected.

Vulnerable Hosts Trend

This section provides a comparison of the vulnerable host count for the selected month, and the previous month of the one you selected.

Vulnerabilities by Time and Severity section

This section provides a line graph of the vulnerability count for every CVSS severity category and trend over the selected month, and a list with the count, and total count of vulnerabilities in every CVSS severity category on each day.

Top 10 Vulnerabilities by Host Count

The list provides the top 10 vulnerabilities based on host count for the selected month. The list is organized by vulnerability name, severity, host count, and a bar graph representing the host count.

Most Vulnerable Service Types section

This section provides the most vulnerable service types for the selected month. The list is organized by service type, vulnerability count, the percentage of the total vulnerability count, and a bar graph representing the vulnerability count.

Top 10 Vulnerable Hosts by Vuln Count section

The list provides the 10 most vulnerable hosts based on the total vulnerability count for the selected month. The list is organized by customer account, host name, host IP address, vulnerability count, and a bar graph representing the vulnerability count.

Most Vulnerable Deployments section

This section provides the count and percentages for the most vulnerable deployments in a color-coded bar graph, and list of the most vulnerable deployments, organized by severity rankings, vulnerability count, and host count. The section lists the customer account and ID, deployment name, and rolled-up vulnerability data, then lists the vulnerability type breakdown in a table below.

Most Vulnerable Networks section

This section provides the count and percentages for the most vulnerable networks in a color-coded bar graph, and list of the most vulnerable networks, organized by severity rankings, vulnerability count, and host count. The section lists the customer account and ID, VPC/network name, and rolled-up vulnerability data, then lists the vulnerability type breakdown in a table below.