I'm trying to create a report that will do the following:
- It will report on the Top 20 most overdue/outstanding L5 and L4 vulnerabilities (sorted by most overdue tickets)
- The Top 20 vulnerabilities should be dynamic (through a dynamic search list I assume)
- Under each vulnerabilities will be a list of assets details (hostname and IP address) in the asset group with that QID
- It's supposed to be scheduled to run monthly
Overall the report is to cleanup any outstanding and critical vulnerabilities by pointing those top vulns and the affected assets. The vulnerable asset data list is important because it's what I need to deliver to the sysadmins to import into their system to push out patches.
Is it possible to generate a report like this in Qualys? Any advice you can give is greatly appreciated.