As part of the integration with Nexpose, you can download a report for every endpoint that is discovered in Nexpose. The 'Download Report' triggers a report creation in Nexpose which discoveres the vulnerabilities and patches needed for that endpoint.
The Report is downloaded in a CSV format and includes the following data: Asset IP Address, Asset Name, Asset OS, Asset Risk Score, Site Name, Vulnerability Title, Vulnerability Risk Score, Vulnerable Since, Vulnerability CVE IDs, Vulnerability CVSS Score.
Before we start: Make sure your JetPatch platform is integrated with Nexpose. Learn more about how to import vulnerabilities via Nexpose.
How to Download Nexpose Report
Nexpose Report configuration
JetPatch will download a custom report based on the chosen asset (check "Download report from JetPatch" below).
- In order to create a new report template, go to "Reports" -> Manage report templates
- Click on "NEW" button and fill in the following properties -
- Name = the report name ("JetPatch-CSV" is recommended). Note - this name should be the same name in JetPatch Nexpose configuration for "pg.nexpose.report-name".
- Template type = "Export (CSV format)"
- data filed - choose any data filed you want. Our suggestion is:
- Asset IP Address
- Asset Names
- Asset OS Name
- Asset Risk Score
- Site Name
- Vulnerability Title
- Vulnerability Risk Score
- Vulnerability Since
- Vulnerability Proof
- Vulnerability CVE IDs
- Vulnerability CVSS Score
- Save template
JetPatch will trigger report creation every time a user requests for a new report.
Download report from JetPatch
- Log in to JetPatch platform
- Go to Endpoints > Management
- Filter by More Filters > Vulnerability > Nexpose
- Go to a specific server you would like to download the report and click the hourglass icon
- Click 'Download' in the pop-up message that will appear on the bottom of your screen.