Hello everyone,

I am looking for some guidance regarding vulnerability reporting in EC.

Currently, I know we can easily generate and export reports showing the patches that have been successfully applied to our endpoints. However, my security team needs a report that specifically lists the vulnerabilities (e.g., CVEs) that have been remediated/resolved.

While patching inherently fixes vulnerabilities, we need a view or a report that tracks the resolution by the vulnerability name/CVE rather than by the patch KB or ID.

Does EC have a built-in report that provides this specific view?

If not, has anyone managed to create a custom query or found a reliable workaround to link applied patches to their remediated vulnerabilities for reporting purposes?

Any help, insights,  you could share would be greatly appreciated!

Thanks in advance!