1 Reply Latest reply on Aug 4, 2011 4:49 PM by Catalysttgj

    CVDetected vs. ComputerVulnerability tables


      In LD 8.8 the table ComputerVulnerability has a Detected column that would essentially flag if a device was compliant or non-compliant.


      In LD 9 there is a new table called CVDetected. As I have poked around the CVDetected table it appears that if a device is compliant with a vulnerability then it won't have a record in CVDetected. This is a change from ComputerVulnerability where a device could have a record against a particular vulnerability with Detected = 0 (essentially, compliant).


      Therefore, if Computer 'A' has had a vulnerability scan and that scan included a check for Vul_ID MS11-037 and there is no subsequent record in CVDetected for Computer 'A' AND MS11-037 then Computer 'A' can be considered compliant to MS11-037.


      Is that assumption correct?


      Thanks, folks.