Forum Discussion
Find out number of closed vulnerabilities
Hi, I'm using MS Defender TVM to find and manage vulnerabilities in my infrastructure. I already have some powershell scripts to extract some TVM data for reporting each month, like number of Critic...
I too have been looking for a solution to this. There is an 'event timeline' in Defender TVM section that tracks changes but I dont think this data is available via API or Advanced Hunting schema. And it is more device related rather than total vulns remediated.
My thought was to try a KQL query to take all CVE's that existed on the first of the month (or what ever time period you want) and compare against the CVE's that exist now (current date/time). I can't figure out the KQL query though..
My thought was to try a KQL query to take all CVE's that existed on the first of the month (or what ever time period you want) and compare against the CVE's that exist now (current date/time). I can't figure out the KQL query though..
Hi,
Yeah, I think for new the best option is to extract the all the vulns in Powershell, then dump it into a CSV, and then make a second dump and compare both to find out what vulns have "disappeared".
I'll try to develop something like this as soon as I got sime time.Thanks
