Forum Discussion
KQL Script to count the total of vulnerabilities over a time period.
Hi everyone, I'm having some trouble crafting a KQL script to count vulnerabilities over a specific time period. I've been using the DeviceTvmSoftwareVulnerabilities table, but unfortunately, I ...
cyb3rmik3
Microsoft
MicrosoftHi SergioVargas,
Not sure if you can do anything more about this, if the tables had Timestamp information, it would be feasible but as TVM continuously assesses your endpoints, the query you are looking for is probably impossible to materialize.
If you have access to DeviceBaselineComplianceAssessment, though Timestamp as well is not available, you might be able to derive information upon baseline assessments hence having an overview of what your status is in a periods of time.
If I have answered your question, please mark your post as Solved
If you like my response, please consider giving it a like
Thanks for your answer cyb3rmik3
I will further investigate these options and explore how they can be utilized to gain insights into vulnerability trends and endpoint status over time. Additionally, I am aware that Microsoft Defender offers built-in reporting features that provide detailed vulnerability reports over specific periods, so I guess that, in some way, it could be possible to build those reports; anyway, I will explore other ways to have those reports.
I will further investigate these options and explore how they can be utilized to gain insights into vulnerability trends and endpoint status over time. Additionally, I am aware that Microsoft Defender offers built-in reporting features that provide detailed vulnerability reports over specific periods, so I guess that, in some way, it could be possible to build those reports; anyway, I will explore other ways to have those reports.