-
Notifications
You must be signed in to change notification settings - Fork 5
Generated Reports
The following reports are generated by the Scans To Reports generator. These are all included as separate tabs within the Excel Report.
This report shows any open IAVM findings found by parsing ACAS Files. This report will show the applicable Plugin ID, IAVM Number, Plugin Name, Plugin Family, Severity and the total number of hosts that have this finding open. This report is identical to the Security Center Report Template but is applied to all ACAS scans submitted as opposed to a single ACAS scan.
This report shows a summary of every Unique Vulnerability found by parsing ACAS files. This report will show the applicable Plugin ID, Plugin Name, Plugin Family, Severity and the total number of hosts affected. This report is identical to the Security Center Report Template but is applied to all ACAS scans submitted as opposed to a single ACAS scan.
This report shows a breakdown of individual assets cross referenced against all scan types. The column headers in this report are auto filterable so you can use this to ensure each host has the required scan types executed against them. The applicable versions and release data points is also populated on this report.
This is just a raw data dump and is not directly tied to specific scan results. This tab is populated for research purposes, so the reviewers have easy access to CCI data while validating the applicable reports within the resulting Excel file. All applicable CCI information, including Security Control links, is populated in this report.
This is a hardware list populated based on all submitted scan files. Each asset will appear only once in this list, along with information such as the asset type, IP address, manufacturer, model, serial number, Operating System, etc. Some information, such as 'Virtual Asset?' needs to be populated by the reviewer if this is going to be used as an artifact in eMASS or in an A&A document.
This is a list of all the local users found on each of the hosts that had applicable ACAS scans executed against them. This report shows the hostname, Operating System, and local username.
This is a list of all the missing patches that need to be installed on the assets within the package. This information is populated from ACAS Plugin 66334. This report will display the hostname, operating system and applicable action to take to remediate the finding.
This is a list of all the operating systems found in the processed scans, along with the count of the number of hosts that have that operating system installed.
This is an eMASS compatible POAM populated with all the scan findings parsed. The cells on this sheet can be copy/pasted into the template available for download from the eMASS website.
This is a list of the Ports, Protocols and Services found during the ACAS Scan Executions. This report matches the format expected for the eMASS A&A documentation.
This is a RAR compatible for upload as an artifact into eMASS, if needed. The RAR file requirement is being removed from RMF Cyber Packages, but this report is being maintained for legacy purposes.
This is a dump of all the raw data parsed from all the submitted scan files. Most data fields from the selected scan files are outputted on this report so this report can be used to verify and validate the results found on all the other tabs.
This report shows inconsistencies between CKL scans and SCAP Scans. For instance, if a SCAP scan shows a particular finding is open, and that same vulnerability is marked as closed in submitted CKLs, that data point will be populated on this report. Ideally, this report should be empty. That being said, this report does not mean there are definite issues with the scans, only that someone should verify the findings are being properly marked. This report is also disabled by default as it takes an excessive amount of time to generate for executions with larges mounts of scans. This should only be used at the beginning of package validation processes.
This report shows all the Windows based software that was present on the hosts scanned with ACAS. The applicable software name, version, and host are listed on this report.
This report shows all the Linux based software that was present on the hosts scanned with ACAS. The applicable software name, version, and host are listed on this report.
This summary report shows a breakdown of the number of findings per host per scan, much like the Summary table shown in the Red 'Scan Summary' region of the application. This report shows the applicable scan type, hostname, IP, operating system, scan filename, scan date, scan duration, version, release, policy, credential status, scan user and finding count per category.
This is an eMASS compatible Test Report that can be included as an artifact or appendix to the A&A document based on all the scans submitted.