Nessus provides a good illustration of the scan reports in a HTML file format which is standalone and can be opened in any browser to view the results. This report also allows for the navigation between different sections so that users can easily read huge reports. These HTML reports can also be customized to download the following reports:
- Executive Summary report:
- Custom report with vulnerabilities and remediations grouped by host
- Custom report with vulnerabilities and remediations grouped by plugin
A HTML report contains the following sections:
- TABLE OF CONTENTS: This lists the required navigation pane for vulnerabilities by host and recommendations. These contain further details in complex reports such as compliance audit:
- Vulnerabilities by host: This section consists of the actual vulnerabilities by host. This follows the format of reporting all of the vulnerabilities per host and then moving on to the next host. This further starts with a simple summary of the number of vulnerabilities and their risk ratings per host. This includes Scan Information such as Start time and End time, along with Host Information:
Each vulnerability consists of the following sections, the details of which have been described in Chapter 5, Configuration Audits:
- Plugin ID
- Synopsis
- Description
- Solution
- Risk factor
- References
- Plugin information and output:
