I have all scan results stored in a database. One of the database tables gives our internal "severity" score for select plugins. The web interface I wrote to date only has modest flexibility for host vuln reporting, but it allows using either the local or nessus severity scores, sorts based on severity and allows hiding of non-critical results. In my view this is the benefit of storing the results in a database -- it is then just a matter of queries and presentation.
For what its worth I'm in the process of rewriting our network reconaissance effort and when that is done (when? Who knows) I hope to share the results. Much of it is dependant on particulars of our environment but the core of it may prove useful to others. Tim Doty -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Chapin Sent: Monday, October 22, 2007 11:47 AM To: [email protected] Subject: managing scan reports Hello all, What sort of tools do people use to manage reports generated by Nessus? I used to use NessusWX to filter out what I wanted in the reports, etc, but this tool seems to be discontinued. I would love to be able to report just the critical, and just the medium/etc. Sorting by number of vulrebilities found would also be a plus. Thanks , Jeff emailsignature_logo JEFF CHAPIN SYSTEM ADMINISTRATOR T8DESIGN.COM | P 319.266.7574 - x267 | 877.T8IDEAS | F 888.290.4675 This e-mail, including attachments, is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential, and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, and then please delete it. Thank you.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
