We need a report that will indicate how many days it took to remediate vulnerabilities by severity.

Currently we can use the Resolved remediated report to track the time per asset, however the client requires this per Severity.

For example, a total of 109 Critical vulnerabilities were resolved over a time period of 30 days.

The time period will have to coincide with the vulnerabilities First discovered date vs Date it was remediated.

Based on this requirement we expect to see an average timeframe for remediating vulnerabilities by criticality over a period.