Monthly Vulnerability Summary

The Monthly Vulnerability Summary report provides summary headline, distribution, and trending data for vulnerabilities found across your environment. The report provides the following:

  • Vulnerability status and vulnerable hosts counts
  • Severity and age distribution
  • Categorized trends
  • Top 10 lists
  • Exportable vulnerability list

Use this report to gain insights into the effectiveness of your current vulnerability management, learn about new vulnerabilities and emerging threats, help prioritize your efforts, and focus on specific areas in your environment.

To access the Monthly Vulnerability Summary report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Vulnerabilities.
  3. Under Vulnerabilities Analysis, click VIEW.
  4. Click Monthly Vulnerability Summary.

Filter the report

To refine your findings, filter your report by Month, Customer Account, Deployment Name, Category, Severity, CVSS Score, and Asset Type.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

CVSS severity categories

Alert Logic uses CVSS scores to measure the severity of vulnerabilities, which are divided into levels, and referenced to in some sections of this report.

Alert Logic assigns each vulnerability instance with a severity rating based on the CVSS score set by the National Institute of Standards and Technology (NIST) and reported to the National Vulnerability Database. Alert Logic supports both CVSS v2 and CVSS v3 scores.

Severity rating CVSS v2 score range CVSS v3 score range
Critical Not applicable 9.0 - 10.0
High 7.0 - 10.0 7.0 - 8.9
Medium 4.0 - 6.9 4.0 - 6.9
Low 0.1 - 3.9 0.1 - 3.9
Informational 0.0 0.0

Some vulnerabilities in the National Vulnerability Database have both CVSS v2 and CVSS v3 scores. Alert Logic displays the newer CVSS v3 score and severity rating in prominent locations and both scores in detail views. If only one CVSS score exists, Alert Logic uses that score and severity rating.

Vulnerabilities section

This section provides the total number of vulnerabilities found, new vulnerabilities seen for the first time, and fixed vulnerabilities not seen during the last scan in the selected months.

Hosts section

This section provides the total number of hosts with vulnerabilities in the selected filters.

Total Vulnerability Trend (Last 4 Months) section

The line graph presents the monthly trend of the total number of vulnerabilities from the last four months.

Total Host Trend (Last 4 Months) section

The bar graph presents the trend of the total hosts from the last four months.

Vulnerabilities by Age and Severity section

This section presents the distribution of age and severity categories of vulnerabilities in the selected filters presented in color-coded circles. The age categories are the following:

  • Over 6 months
  • 3-6 months
  • 1-3 months
  • Less than 1 month

The size of the circles represent the total vulnerabilities in each age category while its color represent the severity category of those vulnerabilities.

You also have the option to set additional filters on the Vulnerability Summary page when you click one or more circles in this section.

Vulnerabilities by Age and Trends section

This section shows the distribution of age categories and trend of vulnerabilities over the selected months in the selected filters. The age categories are the following:

  • Over 6 months
  • 3-6 months
  • 1-3 months
  • Less than 1 month

The color-coded pie chart presents the total vulnerability count in each age category, along with a chart that presents the daily trend over the selected months of those vulnerabilities.

You also have the option to set additional filters on the Vulnerability Summary page when you click a slice in the pie chart.

You can display the trend data as a line or bar chart. Click the drop-down on the top right of this section, and then select the chart type you want to see.