Vulnerability Distribution Explorer

The Vulnerability Distribution Explorer report provides insights into patterns from the vulnerabilities found in your environment to help optimize your vulnerability management process.

Alert Logic assigns each vulnerability one of the following severities based on the CVSS score from the National Institute of Standards and Technology National Vulnerability Database:

Severity CVSS base score
High 7.0 - 10.0
Medium 4.0 - 6.9
Low 0.1 - 3.9
Informational 0.0
Not Scored No CVSS Score available

This report is composed of two pages, the Vulnerability Distribution Explorer page and the Vulnerability Trends page. To see the Vulnerable Trends page, click the arrow icon () on the top right of the report.

To access the Vulnerability Distribution Explorer report:

  1. In the Alert Logic console, click Reports, and then click Vulnerabilities.
  2. Click Vulnerabilities Analysis, and then click Vulnerabilities Distribution Explorer.

To refine your findings, you can filter your report by Date Range, Customer Account, Deployment Name, and Asset Tags.

By default, Alert Logic includes (All) filter values in the report.

To add or remove values in a filter:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Some filters allow you to include or exclude all selected values in a filter for quick refining.

To include or exclude all filter values:

  1. Click the drop-down menu next to the filter icon (), and then select Include Values or Exclude Values.
  2. Click Apply.

Vulnerabilities by Status and Trends section

This section shows the distribution of status categories and trend of vulnerabilities over the selected time period in the selected filters. The status categories are the following:

  • New: First seen in the selected time period
  • Fixed: Not seen after the last scan in the selected time period

The color-coded bar represents the total vulnerability count in each status category, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can display the trend data as a line or bar chart. Click the drop-down on the top right of this section, and then select the chart type you want to see.

Vulnerability by Exploit Availability and Trends section

This section shows the distribution of exploitability categories and trend of vulnerabilities over the selected time period in the selected filters. The exploit availability categories are the following:

Category Exploit Code
High Exploit code works in every situation, or is being delivered via autonomous agent
Functional exploit exists Exploit code is available and works in most situations where the vulnerability exists
Proof of concept (Exploit code is not functional and may require substantial modification by a skilled hacker
Unproven that exploit exists Exploit Ccode is not available or is entirely theoretical
Not Defined Exploit availability not defined
Unknown Exploit availability unknown

The color-coded pie chart presents the total vulnerability count in each exploit availability category, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can view the trend data as a line or bar chart. Click the drop-down on the top right of Vulnerabilities by Status and Trends section, and then select the chart type you want to see.

Vulnerabilities by CVSS Severity and Trends section

This section shows the distribution of CVSS severity categories and trend of vulnerabilities over the selected time period in the selected filters.

Alert Logic assigns each vulnerability one of the following severities based on the CVSS score from the National Institute of Standards and Technology National Vulnerability Database:

Severity CVSS base score
High 7.0 - 10.0
Medium 4.0 - 6.9
Low 0.1 - 3.9
Informational 0.0
Not Scored No CVSS Score available

The color-coded pie chart presents the total vulnerability count in each CVSS severity category, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can display the trend data as a line or bar chart. Click the drop-down on the top right of Vulnerabilities by Status and Trends section, and then select the chart type you want to see.

Vulnerabilities by Age and Trends section

This section shows the distribution of age categories and trend of vulnerabilities over the selected time period in the selected filters. The age categories are the following:

  • Over 90 days
  • 46-90 days
  • 31-45 days
  • 0-30 days

The color-coded pie chart presents the total vulnerability count in each age category, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can display the trend data as a line or bar chart. Click the drop-down on the top right of Vulnerabilities by Status and Trends section, and then select the chart type you want to see.

Vulnerabilities by Operating System and Trends section

This section shows the operating systems and trend of vulnerabilities over the selected time period in the selected filters. The operating systems are the following:

  • Linux
  • Unbuntu
  • Windows Server
  • Unknown (Operating system could not be determined during scan

The color-coded pie chart presents the total vulnerability count in each operating system, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can display the trend data as a line or bar chart. Click the drop-down on the top right of Vulnerabilities by Status and Trends section, and select the chart type you want to see.

Vulnerabilities by Asset Type and Trends section

This section shows the distribution of asset types and trending of vulnerabilities over the selected time period within the selected filters. There are dozens of asset types including the following representative examples:

  • Region
  • Deployment
  • Security Group
  • VPC
  • DNS Zone
  • Load Balancer
  • Host
  • Volume
  • User

The color-coded pie chart presents the total vulnerability count for each asset type, along with a chart that presents the daily trend over the selected time period of those vulnerabilities.

You can display the trend data as a line or bar chart type. Click the drop-down on the top right of Vulnerabilities by Status and Trends section, and then select the chart type you want to see.

Vulnerable Trends page

To see the Vulnerable Trends page, click the arrow icon () on the top right of the report.

These sections provides the percentage or count, and trend of vulnerable host changes over the selected time period. You can display the data as a line or bar charts. Click the drop-down on the top right of the Vulnerability Count Change Over the Period section, and then select the chart type you want to see.

Vulnerability Count Change (Total Count) section

The section shows changes in the total count change of vulnerabilities and a graph that presents the daily vulnerability count trend over the selected period of time.

Vulnerability Change (High Severity) section

The section shows changes in the total count change of the vulnerabilities categorized in the high severity rating and a graph that presents the daily high severity vulnerability count trend over the selected period of time.

Vulnerability Change (Medium Severity) section

The section shows changes in the total count change of the vulnerabilities categorized in the medium severity rating and a graph that presents the daily medium severity vulnerability count trend over the selected period of time.

Vulnerability Change (Low Severity) section

The section shows changes in the total count change of the vulnerabilities categorized in the low severity rating and a graph that presents the daily low severity vulnerability count trend over the selected period of time.