There are several graphics that may be included in scan reports.
Note that many report graphics are not available if you've selected Run Time under Scan Results Selection in the report template because the data included in your report does not include the current status or trending.
Note: This graphic is only available when the Status and Trend option is selected under Scan Results Selection in the report template.
This graphic compares business risk values over the specified time frame (days, weeks, months or last two detections). See Business Risk to learn more about how business risk is calculated.
The Business Risk by Asset Group over Time graphic includes trend lines to identify:
Asset group trend. When asset groups are included in the report target, the reporting engine uses the business impact level assigned to each asset group when calculating business risk for each group.
Individual IP trend. When individual IPs are included in the report target, the reporting engine will assume a business impact level of High (or its equivalent) when calculating business risk since these IPs may be included in multiple asset groups or in no groups at all.
Note: This graphic is only available when the Status and Trend option is selected under Scan Results Selection in the report template.
This graphic displays vulnerability detections for the selected trend period (days, weeks, months or last two detections) and vulnerability status (New, Active, Re-Opened and/or Fixed), as defined in the scan report template. Information gathered is not included in this graphic.
The graph on the left visually represents the changes for the given timeframe. The severity level chart on the right identifies the total number of detections by severity level for the given timeframe and associated trends within that same timeframe. For example, the value "6 Severity 5 +4" next to the red Severity 5 icon would indicate there were 6 Severity 5 detections at the end of the timeframe. Since the trend is +4 for Severity 5 detections the graph would show 2 Severity 5 detections at the start of the timeframe.
This graphic displays the total number of vulnerabilities at each status level: New, Active, Re-Opened and Fixed. See Status Levels for a complete description of each.
If "There is no data available" appears, check filter settings on the Filter tab in your report template. No data will be available for this graph if vulnerabilities are filtered out of your report.
This graphic displays the total number of potential vulnerabilities at each status level: New, Active, Re-Opened and Fixed. See Status Levels for a complete description of each.
If "There is no data available" appears, check filter settings on the Filter tab in your report template. No data will be available for this graph if potential vulnerabilities are filtered out of your report.
This graphic displays the total number of vulnerabilities detected at each severity level. Each total is based on the most current vulnerability information for all hosts included in the report. Note that vulnerabilities in a Fixed status are not included in this graph. See Severity Levels for a complete description of each.
If "There is no data available" appears, check filter settings on the Filter tab in your report template. No data will be available for this graph if vulnerabilities are filtered out of your report.
If you are viewing a single saved scan report, the trend will display (0).
This graphic displays the total number of potential vulnerabilities detected at each severity level. Each total is based on the most current vulnerability information for all hosts included in the report. Note that potential vulnerabilities in a Fixed status are not included in this graph. See Severity Levels for a complete description of each.
If "There is no data available" appears, check filter settings on the Filter tab in your report template. No data will be available for this graph if potential vulnerabilities are filtered out of your report.
If you are viewing a single saved scan report, the trend will display (0).
This graphic displays the total number of information gathered vulnerabilities detected at each severity level. Information Gathered severity levels range from 1 to 3. See Severity Levels for a complete description of each.
If "There is no data available" appears, check filter settings on the Filter tab in your report template. No data will be available for this graph if information gathered checks are filtered out of your report.
This graphic displays the top 5 vulnerable categories in the report with the total number of vulnerabilities in each category. For example, if you have more CGI vulnerabilities than any other category, then CGI will appear at the top of this list. A trend is also included to identify whether the number of vulnerabilities in each category increased or decreased. For a complete list of vulnerability categories, see the KnowledgeBase or the Filter tab in any scan report template.
This graphic displays the 10 most frequently reported vulnerabilities. These vulnerabilities appear the most often for the report target, which includes one or more hosts. For example, a vulnerability may be detected for the first time in your report, but if it is detected on several hosts, it may be considered one of the most prevalent vulnerabilities. A trend is also included to identify whether the number of occurrences for each vulnerability increased or decreased.
This graphic displays all detected operating systems. Note that the operating system may not have been detected on all hosts. If you performed selective vulnerability scanning, and did not include the "Operating System Detected" vulnerability (QID 45017), then no data will be available for this graph.
This graphic displays all services, such as ssh, ftp and smtp, discovered under the Open TCP and Open UDP Services lists. Note that a service may be counted more than once for a single host if the service is discovered on different ports. Also note that services may not have been detected on all hosts included in your report.
If you performed selective vulnerability scanning and did not include the following vulnerabilities, then no data will be available for this graph: "Open TCP Services List" (QID 82023) and "Open UDP Services List" (QID 82004).
This graphic displays a list of ports detected, and the number of times each port was detected.