Why does my Ryskview data not match my scans?

Ryskview is a database that holds more than just the most recently uploaded scans. A single scan is a snapshot in time, which may or may not include all of the Assets. For example, portable devices such as laptops may be missing. The next scan may have less or more Assets included in the scan. Ryskview stores all the information accumulated over multiple scans.

However, if an Asset is not scanned at least every 90 days, it (and its data) will be archived by Ryskview. This ensures accurate and relevant data.

Another reason that Ryskview and scans may differ is whether a scan is credentialed. By default, Ryskview assumes that all scans will be credentialed. If a scan is uncredentialed, then Ryskview will add any new vulnerabilities, but will not close any vulnerabilities because it cannot verify that the vulnerabilities were actually remediated.

However, if you know or expect that scans will be uncredentialed, then you can indicate that to Ryskview within the Asset attributes by unchecking the “Require Credentials” box. When you do this, Ryskview will ignore the credential information on the scans and close all the vulnerabilities that are not present on the most recent scan.