AnsweredAssumed Answered

Understanding the RISK_SCORE_PER_HOST section in a Host Based Finding Report.

Question asked by Johnny Shaieb on Feb 10, 2019
The following XML stanza comes from a scrubbed Host Based Report. 
Goal:  My goal is to use a host based findings report for a particular asset group to generate a server list of all alive servers that were scanned during a 4 week scan cycle.  I realize that map scans can be use to find all the alive servers in a particular range, but my questions are specific to host based findings reports.
Question 1:  The below XML (RISK_SCORE_PER_HOST) stanza contains two hosts ( and  You can see that  ( was listed with (0) TOTAL_VULNERABILITIES.  
  • Does this mean that server ( was alive and scanned?
  • Are all servers listed in the (RISK_SCORE_PER_HOST) stanza alive and scanned?
      <IP_ADDRESS network_id="0"></IP_ADDRESS>
      <IP_ADDRESS network_id="0"></IP_ADDRESS>
Question 2:  Below is a picture of a technical template I am using to produce the above XML report.
  • Which checkbox actually produces the (RISK_SCORE_PER_HOST) section? 
  • Also, if there a PDF that thoroughly explains and maps each template check box/radio button option with the various report format (e.g., XML, CSV, HTML, etc)?
Thank you for viewing the above questions,