Skip to main content

5. Report Generation


note

The type of report that you should generate depends on your intent of how the information will be used or what information you want to convey. This section outlines the most common use-case reports.


CSV List of all CVE details per IP​

  1. From the top menu bar navigate to Reporting -> Reports and click +Add

  2. Under the Other section select CSV

  3. Set a Name for the report

  4. Under the Definition section set:

    • Tool: Vulnerability Detail List
  5. Under the Display section set:

    • Results Displayed: All
    • Display Columns: Select All, and deselect Plugin Output
    note

    The Plugin Output column is disabled because Security Center does not sanitize newline characters within it, resulting in CSV with erroneous formatting

  6. Click Submit

  7. Select the report you just created and press the ⯈ Launch button

  8. From the top menu bar navigate to Reporting -> Report Results

  9. Click on the report you just generated to download it


PDF Compliance & Configuration Reports​

  1. From the top menu bar navigate to Reporting -> Reports and click +Add

  2. Under the Templates section select Compliance & Configuration Assessment

  3. Select the any of the following templates that suit your reporting needs:

    • Template: System Configuration Report

      • Not compliance related, but provides a baseline of: detected operating systems, installed software, and other system information
    • Template: Compliance Summary

      • Lists non-compliance results per framework
      • Deselect all irrelevant frameworks when creating
    • Template: STIG Report (by MAC)

      • Lists STIG non-compliance results grouped by Mission Assurance Category (MAC)
    • Template: Implementing the CIS Control Assessment Specification (CAS)

      • Β­Lists CIS control compliance results
  4. Under the Focus section, leave Targets set to All Systems, or specify assets that you want to include in the report and click +Add

  5. Select the report you just created and press the ⯈ Launch button

  6. From the top menu bar navigate to Reporting -> Report Results

  7. Click on the report you just generated to download it


PDF Vulnerability Assessment Reports​

  1. From the top menu bar navigate to Reporting -> Reports and click +Add

  2. Under the Templates section select Threat Detection & Vulnerability Assessments

  3. Select the any of the following templates that suit your reporting needs:

    • Template: Critical and Exploitable Vulnerabilities Report

      • Lists the top 20 most exploitable and vulnerable systems, and top 20 most critical vulnerabilities
    • Template: CVE Analysis Report

      • Lists all observed CVEs, their details, and all hosts that have the vulnerability
    • Template: Qualitative Risk Analysis with CVSS Scores Report

      • Groups vulnerabilities based on CVSS base scores, and all hosts that have the vulnerability
    • Template: Understanding Risk Report

      • Lists vulnerabilities ranked by risk
  4. Under the Focus section, leave Targets set to All Systems, or specify assets that you want to include in the report and click +Add

  5. Select the report you just created and press the ⯈ Launch button

  6. From the top menu bar navigate to Reporting -> Report Results

  7. Click on the report you just generated to download it


PDF Vulnerability Remediation Reports​

  1. From the top menu bar navigate to Reporting -> Reports and click +Add

  2. Under the Templates section select Threat Detection & Vulnerability Assessments

  3. Select the any of the following templates that suit your reporting needs:

    • Template: Remediation Instructions by Host Report

      • Lists the top 20 most vulnerable hosts
      • Includes remediation instructions
    • Template: Remediation Instructions by Severity Report

      • Lists the top 20 vulnerabilities ranked by severity
      • Includes remediation instructions
    • Template: Remediation Instructions Report by Severity for Exploitable Vulnerabilities

      • Lists the top 20 exploitable vulnerabilities ranked by severity
      • Includes remediation instructions
    • Template: Remediation Instructions Report by Vulnerability

      • Lists the top 10 vulnerabilities ranked by prevalence
      • Includes remediation instructions
  4. Under the Focus section, leave Targets set to All Systems, or specify assets that you want to include in the report and click +Add

  5. Select the report you just created and press the ⯈ Launch button

  6. From the top menu bar navigate to Reporting -> Report Results

  7. Click on the report you just generated to download it


PDF Reports for Threat Emulation Planning​

  1. From the top menu bar navigate to Reporting -> Reports and click +Add

  2. Under the Templates section select Threat Detection & Vulnerability Assessments

  3. Select the any of the following templates that suit your reporting needs:

    • Template: Exploits by Platform

      • Lists the top 20 most severe exploitable vulnerabilities, and top 10 most exploitable hosts
    • Template: Exploit Frameworks

      • Groups exploitable vulnerabilities based on exploit frameworks that can be used against them
      • Good for incorporating into Threat Emulation Planning
    • Template: Exploitable Vulnerabilities Summary

      • Lists the top 20 most severe exploitable vulnerabilities, and top 10 most exploitable hosts
    • Template: Network Service Vulnerability Report

      • Lists vulnerabilities exploitable via the network
  4. Under the Focus section, leave Targets set to All Systems, or specify assets that you want to include in the report and click +Add

  5. Select the report you just created and press the ⯈ Launch button

  6. From the top menu bar navigate to Reporting -> Report Results

  7. Click on the report you just generated to download it