Report Creation Wizard

Collect, analyze, and report InsightVM data all in one place using the Report Creation Wizard in Query Builder. You can share directly with stakeholders to help you communicate about your work and gain insight into your organization’s vulnerability management program.

In order to perform these tasks, you need to create queries and dashboards.

Access the report wizard

  1. After logging into InsightVM, open Query Builder.
  2. Load or Add a query to set the scope of your report (optional)
  3. Click Create Report to open our wizard.
  4. Select the report type you want to build. The wizard will guide you through the process of creating a customized report in 4 steps.

report-creation-wizard-first-step

I want to:

Export to CSV

You can export a CSV file to manipulate in-depth raw data in your favorite spreadsheet program.

What’s the difference between Export to CSV and a CSV File Report?

Export to CSV generates an ad-hoc export of your data. If you want to schedule this export to run periodically, click Create Report and select CSV File Report in the first step of the wizard. Follow the wizard’s instructions for the remaining steps.

We’ll examine this use case:

Create a report for all assets that contain TLS and SSL vulnerabilities.

To do so, you’ll need to build 2 queries.

Build a query for to identify TLS vulnerabilities

  1. Open Query Builder.
  2. Click Add.
  3. Type “vulnerability” in the search box and select vulnerability.title.
  4. Select CONTAINS.
  5. Type “TLS”.
  6. Click Apply.

Before building the 2nd query, toggle to OR.

Build a query for all SSL vulnerabilities

  1. Click Add.
  2. Type vulnerability in the search box and select vulnerability.title.
  3. Select CONTAINS.
  4. Type “SSL”.
  5. Click Apply.
  6. Click Export to CSV.

Here’s what the queries will look like:

report-selector-tls-ssl-queries

Export vulnerabilities or assets

When you are on the Assets tab, clicking Export to CSV will export your assets data. If you want to export vulnerabilities data, click on the Vulnerabilities tab first, then click Export to CSV.

Use a Dashboard Template to export a PDF

This option allows you to create a printable PDF report from a dashboard template provided by Rapid7 without the need of creating a dashboard. It also allows you to apply a query to set the scope of the PDF report.

To generate these types of reports:

  1. After logging into InsightVM, open Query Builder.
  2. Optional: Add a query to scope your data.
  3. Click Create Report to open the wizard.
  4. Select the report type you want to build. You’ll be guided through the process of creating a customized report in 4 steps.
Use a Customized Dashboard to export a PDF
  1. Click the Dashboards icon in the left hand navigation.
  2. Find the dashboard you want to customize from the drop down menu.
  3. Click View.
  4. Click Export to PDF.
Share a report with external stakeholders

You can send PDF reports by email with stakeholders who are not InsightVM users. The PDF sent is encrypted and password-protected as an additional security measure. Recipients will receive two e-mails:

  • An e-mail with the generated report as a PDF
  • An e-mail with the password to open the PDF

Email a PDF report to external stakeholders

  1. In InsightVM, go to Query Builder.
  2. (Optional) Set report scope by loading or building a query.
  3. Click Create Report.
  4. Select PDF as the report type.
  5. Select the report template.
  6. In Shared With, select Permit users who do not have access to console, and enter the email addresses.
  7. Click Save and Complete.
Schedule report creation

To schedule this export to automatically occur periodically, you need to use the Report Creation Wizard in Query Builder. In Query Builder, you can optionally create a query and then click Create Report to go to the wizard. In the first step, select Custom Dashboard Template and follow the steps.

Example: Export custom Patch Tuesday dashboards to PDF

I want to see our exposure to Patch Tuesday vulnerabilities starting on March 10, 2020, create a remediation plan, and report our progress.

Build Queries in Query Builder

To accomplish this, you’ll need to build 2 queries in Query Builder. The 1st query will find the vulnerabilities published on March 10, 2020.

  1. Open Query Builder.
  2. Click Add.
  3. Type “vulnerability” in the search box and select vulnerability.datePublished.
  4. Select =.
  5. Type “03/10/2020”.
  6. Click Apply.

The second query will find the Microsoft-related vulnerabilities. Before starting, confirm that the toggle is set to AND.

  1. Click Add.
  2. Type vulnerability in the search box and select vulnerability.title.
  3. Select Starts With.
  4. Type “Microsoft”.
  5. Click Apply.

Optional: Save this query

Click Save so you can reuse this query for future use with our other features, such as Dashboards, Goals and SLAs, and Remediation Projects.

Here’s what your queries will look like:

report-selector-patch-tuesday-query

Build and Populate a New Dashboard With Cards

First, you’ll have to create a new dashboard, then add new cards to it.

Create a dashboard:

  1. Click the Dashboard icon in the left menu to navigate to the Dashboards main page.
  2. In the dropdown menu at the top, select CREATE A NEW DASHBOARD.
  3. Enter in a name and description for your new dashboard.
  4. Click OK. You’ll be taken to your new dashboard where you can now add cards to it.

Next, you’ll add cards to your dashboard:

  1. Click + Add Card.
  2. Search for the Total Asset Trends card. Check the box and click Add.
  3. After the Total Asset Trends card is in your dashboard, click Expand Card >.
  4. Click Load.
  5. Select your Patch Tuesday query to load it onto the dashboard card.
  6. Click Save Card.

This card will display the total number of assets affected by the vulnerabilities that meet the query you created earlier.

Query drill down on dashboard cards

Queries applied to dashboard cards will filter the data according to that query.

Repeat Steps 1- 6, to build cards for: Number of Vulnerabilities: Displays all of the vulnerability findings found on Patch Tuesday (03/10/2020) New vs Remediated Vulnerabilities Over Time: Displays all vulnerability findings for that Patch Tuesday (03/10/2020) and how well they are remediated over time.

Optional: Add more cards around this use case

Feel free to add other cards you would like to see around this use case. For example, the Most Common Solutions card could be useful to show all solutions to be applied to remediate all vulnerabilities in your environment.

Optional: Create a goal and remediation project to maximize vulnerability management efforts

Using this particular scope, you can build a time-bound goal to track remediation efforts. After creating a goal, you can add a goal card to the dashboard you just created to keep an eye on progress.

You can assign a user to execute remediation for the specified assets and update the status by creating a remediation project through a Jira or ServiceNow ticketing integration. Create a remediation project directly from Query Builder or from the goal you created above with the Patch Tuesday query you created in Step 1.

Once you’ve created your cards, select your dashboard from the dashboard menu and click Export to PDF.