Forum Discussion
Better vulnerability management reporting?
I have been fiddling with the DeviceTvmSoftwareVulnerabilities and DeviceTvmSoftwareVulnerabilitiesKB outputs but in terms of reporting based on the output is very limited and needs a lot of work. For example, I am trying to create a report based on the certain device group vulnerabilities. However, I want to list the vulnerabilities per device with as much as details I can.
The output from both of the tables are very limited and hard to correlate. Comparing to our other vulnerability management solution, we are not getting as much as data for reporting. For example
Vulnerability description
Vulnerability proof (output maybe?)
CVE's
Solution with link or details
Device Group or Device TAG
Also, I can't find a way to see the vulnerabilities that were previously remediated? I can see remediation tab but that requires us the create individual tickets/requests for certain vulnerabilities to be remediated. And maybe then it will show those as remediated? However, it would have been nice if we can see all the vulnerabilities that are remediated without needing to raise a ticket for them.
I think in overall Microsoft can prepare a better actionable vulnerability reports rather than some dashboards with almost no useful information about how to resolve them.