Navigating the Vulnerability Scan History

At the top of the page, there is a Select Scan Type filter bar, allowing you to categorize the scan history by specific scan types. These categories include:

• All Scans: Displays every scan conducted, across all types.
• Internal Authenticated: Shows scans conducted internally with authentication credentials.
• Internal Unauthenticated: Displays internal scans without credentialed access, focusing only on open vulnerabilities.
• External: Lists scans targeting IP addresses from an external perspective.
• Web App: Displays scans conducted on web applications, focusing on vulnerabilities specific to web environments.
• Chrome: Contains scans specifically designed for Chromebook devices within your environment.

Selecting a category filters the scan history to display only the scans that match the chosen type, making it easy to focus on specific scan activities and results.

Each scan type section also provides:

• Total Vulnerability Scans conducted in the selected category.
• Overall Vulnerability percentage, offering a quick assessment of the security status within that category.

Scan History Table

The scan history table displays a list of scans along with detailed information:

• Scan Name: Identifies each scan. Click to expand and view additional details.
• Targets: Number of devices, endpoints, or URLs scanned.
• Issued By: The user who initiated the scan.
• Start Date / End Date: Shows when each scan was conducted.
• Severity Breakdown: Includes columns for Total, Low, Medium, High, and Critical vulnerabilities found.
• Mitigations: Displays any active mitigation plans associated with the scan.
• Action: A menu of actions available for each scan, such as re-running the scan, exporting data, or setting up notifications.

Viewing More Entries: By default, the display is limited to a set number of entries. Use the pagination options to view additional scans or use the search bar to locate specific scans by name.

Actions Available for Each Scan

The Action menu on each row provides options to manage scans individually:

• Scan Again: Allows you to re-run the scan with the same settings.
• Regenerate Notification: Sends a new notification regarding the scan results.
• Export as CSV: Downloads the scan details in CSV format for further analysis.
• Delete Scan: Removes the scan from the history (only available if no active mitigation plans are linked).
• Show in Reports: Includes the scan data in custom reports through the Report Builder.

These actions enable comprehensive management of scan data, ensuring that you can revisit, report, or delete scan records as necessary.

Expanded Scan Details

Expanding a scan row reveals additional insights into the scan results, including:

• Summary: Brief information about the scan, such as the agent used and any offline delay settings.
• Quick Snapshot of Scan Results: Visual representation of the severity distribution (e.g., Low, Medium, High, Critical) using a pie chart or bar chart.
• Top 5 Vulnerabilities by Count: Shows the most frequently detected vulnerabilities in the scan, with details on each CVE, description, risk level, and occurrence count.

This detailed view gives a quick assessment of the scan’s findings, enabling you to prioritize actions based on the severity and frequency of vulnerabilities detected.

Vulnerabilities Breakdown

The Vulnerabilities Breakdown chart provides a visual comparison of vulnerabilities across different targets within the scan. This helps identify specific targets with higher vulnerability counts and the distribution of severity levels for each target.

Detailed Target Analysis

Expanding each target within a scan reveals a Host Vulnerability Summary, which includes:

• Severity Summary: Breakdown of vulnerabilities by severity level (Low, Medium, High, Critical).
• Security Software: Lists any protective software installed on the target.
• End of Life (EOL) Information: Flags outdated software or systems that may pose additional security risks.

• Root Cause Analysis: Identifies the underlying causes of vulnerabilities, grouped by:
  • File Path: Shows files responsible for vulnerabilities.
  • Registry Hive: For Windows, lists registry entries related to vulnerabilities.
  • Package Name: For Linux, displays packages or subsystems linked to vulnerabilities.

This in-depth analysis helps prioritize remediation by addressing core issues rather than individual CVEs.

Vulnerability Descriptions and Additional Information

Within each target’s vulnerability list, expand individual vulnerabilities for more detailed information:

• Description
• CVE Vector
• Patch Links

This comprehensive information empowers teams to understand vulnerabilities in depth and develop targeted remediation strategies.

The Vulnerability Scan History page is a powerful tool for tracking security trends, managing vulnerabilities, and ensuring continuous security improvements across your organization. By using the filtering, expansion, and action tools, teams can efficiently manage scan data, prioritize remediation efforts, and maintain an organized vulnerability management workflow.