Why don’t I see all of my assets?

By default, Cisco Vulnerability Management only shows Assets with at least one open risk-associated vulnerability. There are three different reasons why assets are not immediately visible in the UI.

1. Assets without risk-associated vulnerabilities

Many scanners report assets that have either no results, or only have informational/non-risk associated findings. These findings can include warnings about self-signed certificates, notifications of open ports, expiring X509 certificates, upgraded TLS needed (1.1 to 1.2), and more. Assets without vulnerabilities will not show in Cisco Vulnerability Management by default. Cisco Vulnerability Management is designed to show you the information critical to reducing risk rather than showing assets that need no action. Assets with Informationals (scored 0 by default) will show up in the UI, but can be excluded using a simple search term.

2. Inactive assets and non-open vulnerabilities

By default, Cisco Vulnerability Management only displays active assets that have open vulnerabilities. This means that in the default view, you are not looking at inactive assets, or assets with only closed, risk accepted, or false positive vulnerabilities.

If you want to see all of your assets in Cisco Vulnerability Management, you will need to select three checkboxes under the Asset and Vulnerability Filters on the Vulnerability Management Explore page.

  1. Select the “All” status under Asset Filters for Inactive vs Active assets. This will show all assets that have at least one open vulnerability.

  2. In the Status options in the Vulnerability Filters section, select “All”. Selecting this option will include not only Open vulnerabilities, but also any Risk Accepted, False Positive, or Closed vulnerabilities.

  3. In the “Asset Filters” section, expand the “Additional Filters” option, and select “Include all Assets”.

Once finished, your filters should have the three boxes checked.

Checkboxes.png

If you would like to understand how to see the number of licenses you are using against your purchased license count, refer to the information here.

3. Assets outside of the Asset Purge Period

Once an asset has gone inactive and falls outside of the Asset Purge Period, it will be deleted from your Cisco Vulnerability Management account. Also, connector runs will not import assets which fall outside of the Asset Purge Period.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.