The fully custom vulnerability report is probably our most popular report in the Nucleus console. This article will detail the two different approaches for generating the most flexible report we have.
The custom report is a report which is fully customizable based on every vulnerability filter and asset filter contained within Nucleus. This allows the user to generate completely flexible reports based on the specific data they want to see, and to pivot on the data in a way that makes the most sense for them and to answer the most difficult questions.
The best part is, this report can be scheduled as well, so that you can generate these dynamic running reports over time and always get the latest information when getting the answers to your vulnerability data questions.
For example, let's say you wanted to schedule a report to answer the following question:
- I want to know all of my new Critical Severity Adobe vulnerabilities that have both CVEs associated with them and an exploit available in the wild, that were discovered in my environment in the last 30 days.
- And I want that info filtered by a specific subnet and asset groups, so I can see these vulnerabilities based on my business critical assets which are public-facing.
- And I want to schedule that report to be generated every week (or day, month, year) to be emailed to users of my choosing.
- So every week I will get a report emailed to me automatically answering that specific question I had above, and not have to rerun that query over and over again when trying to answer that question in the future.
That is just one example of the flexibility these filters give you when it comes to generating the custom report in Nucleus. Like we said above, this is one of the most powerful features of Nucleus that you will not get with other tools.
Option 1: Through the Active Vulnerabilities List
There are two options for generating this report. The first option is to get this information from the Active Vulnerabilities List.
The benefit of generating the report this way is that you can apply the vulnerability filters in the Nucleus UI, and then the custom report will automatically populate the report template with those filters, so you can see what type of information you will get in the report before generating it.
To generate the custom report in this way, do the following:
1. Navigate to Project Dashboard > Vulnerabilities > Active
2. Select your filters to get the information that you would like to answer
- Filter by vulnerability severity
- Filter by external issue status
- Filter by Last Seen Date
- Filter by a CVE Search
- Filter by Asset Group
3. Once you have your filters in place you should see your vulnerability list change based on these filters. Now, to export this data you can either export this table via the "Export Findings" button, or you can generate a recurring report.
4. To generate a report, select "Reports" from along the top toolbar and select "Custom Report"
5. Give this report a name
6. The filters should already be filled out for you corresponding to the filters you used in the UI.
7. Optional: Select tab 3 to schedule the report on a recurring basis.
8. Click Save & Finish
That's it, you have generated the report! You are now automating the answers to questions you have on a recurring basis.
Option 2: Through the Reports Page
This option is the other way to generate the custom report. Do the following:
1. Navigate to Project Dashboard > Reports > Reports List
2. Select Create Report > Vulnerability Custom Report xls
3. This will pop up the modal to fill out all your filters for the report. Follow the steps in the modal to get the report filters the way you want them.
4. Click Save & Finish
You are all done! You have generated the custom report in 2 different ways, which will allow you to answer questions and pivot on the vulnerability data in any way that you choose!
If you have any questions about this report, reach out to your Nucleus support representative or email [email protected].