Why is it hard to recreate historical reporting numbers?

In Cisco Vulnerability Management there are a number of background computing jobs that run nightly. One of those jobs produces the reporting numbers displayed on historical data graphs for reporting.

Note: Cisco Vulnerability Management processes background jobs, such as risk meter refreshes, between 1 AM and 5 AM local time in EU and AJPC, and between 10:30 and 1:30 in the US region, excluding Hawaii.

Cisco Vulnerability Management is very dynamic which makes recreating those historical numbers virtually impossible for the following reasons: 

  1. Real time threat data changes vulnerability scores - up and down - as new data is acquired altering vulnerability counts by risk.  
  2. Scanners can re-open vulnerabilities at any time altering open and closed vulnerability counts. 
  3. Tags on assets might change which alters assets counts and scores for risk meters where tags were used to build the risk meter query.
  4. Assets might change to inactive status which alters risk meter scores and asset and vulnerability counts. 
  5. Asset priority might change at any time which alters the overall asset score and also the risk meter scores of any group that contains the assets. 
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.