In LD 8.8 the table ComputerVulnerability has a Detected column that would essentially flag if a device was compliant or non-compliant.
In LD 9 there is a new table called CVDetected. As I have poked around the CVDetected table it appears that if a device is compliant with a vulnerability then it won't have a record in CVDetected. This is a change from ComputerVulnerability where a device could have a record against a particular vulnerability with Detected = 0 (essentially, compliant).
Therefore, if Computer 'A' has had a vulnerability scan and that scan included a check for Vul_ID MS11-037 and there is no subsequent record in CVDetected for Computer 'A' AND MS11-037 then Computer 'A' can be considered compliant to MS11-037.
Is that assumption correct?