1 Reply Latest reply on Aug 4, 2011 4:49 PM by Catalysttgj

    CVDetected vs. ComputerVulnerability tables

    Rookie

      In LD 8.8 the table ComputerVulnerability has a Detected column that would essentially flag if a device was compliant or non-compliant.

       

      In LD 9 there is a new table called CVDetected. As I have poked around the CVDetected table it appears that if a device is compliant with a vulnerability then it won't have a record in CVDetected. This is a change from ComputerVulnerability where a device could have a record against a particular vulnerability with Detected = 0 (essentially, compliant).

       

      Therefore, if Computer 'A' has had a vulnerability scan and that scan included a check for Vul_ID MS11-037 and there is no subsequent record in CVDetected for Computer 'A' AND MS11-037 then Computer 'A' can be considered compliant to MS11-037.

       

      Is that assumption correct?

       

      Thanks, folks.