Vulnerability Assessment Reporting
Lesson 5 of 10
The Scenario
Your Nessus scan returned 847 vulnerabilities across 200 hosts. Management wants a one-page executive summary by end of day. You need to prioritize, summarize, and recommend — fast.
The Prompt
I ran a Nessus vulnerability scan. Here are the critical and high findings. Summarize for management and for the technical team:
CRITICAL:
- CVE-2024-21762: FortiOS SSL VPN RCE - 3 hosts affected (10.1.1.1, 10.1.1.2, 10.1.1.3)
- CVE-2023-44487: HTTP/2 Rapid Reset (DDoS) - 12 web servers affected
- MS17-010: EternalBlue SMBv1 RCE - 1 host (10.1.5.200, Windows Server 2012)
HIGH:
- OpenSSL 1.1.1 EOL - 25 hosts running outdated OpenSSL
- Default SNMP community string "public" - 8 network devices
- SSH weak algorithms (CBC mode ciphers) - 15 devices
Create:
1. Executive summary (3 sentences, no jargon)
2. Technical remediation plan prioritized by risk
3. Estimated effort per fix (quick win vs project)
What AI Gives You
Executive summary: "Three critical vulnerabilities allow attackers to take full control of our VPN and a file server remotely. One of these (EternalBlue) was used in the WannaCry ransomware attack. We recommend emergency patching within 48 hours."
Technical plan prioritized by exploitability and impact, with specific remediation steps.
Try It Yourself
Export your most recent scan results. Feed the critical/high findings to AI. Compare the executive summary with what you would have written.
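One way to prepare that export for the prompt, as an added example that is not part of the original lesson: it condenses a scan CSV into the CRITICAL:/HIGH: list layout used in the prompt above, giving addresses only for findings on three hosts or fewer. The column names (CVE, Risk, Host, Name) and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export. The column names (CVE, Risk, Host, Name) are an
# assumption about the scanner's CSV layout; adjust them to your export.
SAMPLE_CSV = """CVE,Risk,Host,Name
CVE-2024-21762,Critical,10.1.1.1,FortiOS SSL VPN RCE
CVE-2024-21762,Critical,10.1.1.2,FortiOS SSL VPN RCE
CVE-2024-21762,Critical,10.1.1.3,FortiOS SSL VPN RCE
,High,10.1.2.10,Default SNMP community string
,High,10.1.2.11,Default SNMP community string
,High,10.1.2.12,Default SNMP community string
,High,10.1.2.13,Default SNMP community string
,Medium,10.1.3.5,TLS 1.0 enabled
"""

SEVERITIES = ("Critical", "High")
MAX_LISTED_HOSTS = 3  # list addresses up to this many hosts, else count only

def summarize_findings(csv_text):
    """Return {severity: [one line per finding]} for Critical/High rows."""
    hosts = defaultdict(set)  # (severity, label) -> distinct hosts
    for row in csv.DictReader(io.StringIO(csv_text)):
        risk = row["Risk"].strip().capitalize()
        if risk not in SEVERITIES:
            continue  # Medium and below stay out of the one-page summary
        label = row["Name"].strip()
        if row["CVE"].strip():
            label = f"{row['CVE'].strip()}: {label}"
        hosts[(risk, label)].add(row["Host"].strip())
    summary = {sev: [] for sev in SEVERITIES}
    # Most widespread finding first within each severity.
    for (risk, label), hs in sorted(hosts.items(), key=lambda kv: -len(kv[1])):
        detail = f"{len(hs)} host{'s' if len(hs) != 1 else ''} affected"
        if len(hs) <= MAX_LISTED_HOSTS:
            detail += f" ({', '.join(sorted(hs))})"
        summary[risk].append(f"- {label} - {detail}")
    return summary

def build_prompt_block(csv_text):
    """Render the summary in the CRITICAL:/HIGH: layout used in the prompt."""
    lines = []
    for sev, items in summarize_findings(csv_text).items():
        if items:
            lines += [sev.upper() + ":"] + items
    return "\n".join(lines)

if __name__ == "__main__":
    print(build_prompt_block(SAMPLE_CSV))
```

Setting `MAX_LISTED_HOSTS` to 0 keeps every internal address out of the text you paste into the AI tool.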