AnsweredAssumed Answered

Scorecard reports: New vs. Age 0-30 days

Question asked by Tom Noorman on Jul 12, 2017
Latest reply on Jul 18, 2017 by Tom Noorman

We are scanning IP ranges on a Monthly basis and running a related Scorecard report after the Monthly run. Within the Scorecard reports there are two particular fields I'd like to zoom into, in this question:

1. Status New

2. Age: 0-30 days

 

Since we scan and report on a Monthly basis, I'd expect the New items I find, will also fall in the category 0-30 days.

 

Example: If there are 1.000 new vulnerabilities found, I'd expect the category 0-30 days to be 1.000 or higher, maybe slightly lower since half of the Months have 31 days.

 

However I have examples where I have 461 new vulnerabilities and only 3 in category 0-30 days. This gives me the impression the category 0-30 days is not reflecting correctly, hence probably the other age categories are not (fully) correct as well.

 

How is the age 0-30 days field calculated exactly, what are the exact parameters used?

In the online help I do see a clear description of the field 'New' but not of this field.

Outcomes