[nexpose-users] FW: RE: Nexpose reporting functionality followup

[Jarred White]

Hey all, just wanted to follow up on this topic. Sorry it has taken me so long but I've been tied up. Below is a solution that jcran walked me through. So far, it has been what I've needed.

A few things to note:

* The "Some high level details" were too high level. I actually set it to "Moderate level" to get what I wanted. I believe the real difference here is that it includes a description of the vuln as well as some remediation steps. This is precisely the level of detail I was looking for.
* I think some of my problems in the past were the level of detail - that's why it was generating such gargantuan reports. I was really overdoing the level of detail I wanted.
* For future consideration, consider a sort of "nested tree" view that uses the same format, but collapses each vulnerability into a clickable link. Once you expand the tree, it lists a detailed description of the vuln and the systems it affects. Just something to think about. :)

Good luck!

-Jarred

-----Original Message-----
From: Jonathan Cran [mailto:jcran at 0x0e.org] 
Sent: Wednesday, May 05, 2010 1:08 AM
To: Jarred White
Subject: Fwd: RE: Nexpose reporting functionality followup

Give this a shot:

1) Click on report tab
2) Create new report
3) Click on "New Template"
4) Name the template
5) Set the Level of Technical detail to "Some high level details"
6) Under "Report Sections" select "Discovered Vulnerabilities"
7) Save the template
8) Create a report using the newly created template

Let me know if something seems to be missing.


jcran