Skip to content
English
Contact Support Customer portal Sign in
Go to netrise.io
  • There are no suggestions because the search field is empty.

Comparison Reports User Guide

Comparison Reports

Creating a Comparison Report

Navigate to Reports from the left sidebar.

Click the + Create report button in the upper-right corner of the page.

In the Create Comparison Report dialog, you'll see two asset selection fields connected by a "Differences applied to" arrow:

Top field (Baseline): Select the first asset. Click the dropdown labeled "Assets" and use the Filter Assets search box to find the asset you want. Click the asset name to select it.

Bottom field (Target): Select the second asset you want to compare against the baseline. The "Compare To (Target)" asset will receive all difference metrics relative to the baseline.

If you need to reverse which asset is the baseline and which is the target, click the Swap button at the bottom-left of the dialog.

Click Create to generate the report, or Cancel to close without creating one.

A green "Report created successfully" toast notification confirms the report has been generated. The new report appears at the top of the Reports list.

Viewing a Comparison Report

From the Reports list, click View Report on any comparison report row. The report opens in a slide-out panel on the right side of the screen.

At the top of the panel, you'll see:

  • The report title showing both asset names (e.g., "Asset A vs Asset B")
  • The creation date and the user who created it
  • A Swap Order button to reverse the comparison direction
  • A Generate PDF button to export the report

The report contains three tabs: Summary, Vulnerabilities, and SBOM.

Summary Tab

The Summary tab provides a high-level overview of how the target asset compares to the baseline.

Remediation Validation

This expandable section tracks the status of vulnerability remediations. It displays a subtitle indicating the number of tracked remediations (e.g., "Tracking 5 vulnerability remediations.").

Three color-coded cards summarize remediation progress:

  • Marked Resolved — The total number of vulnerabilities that have been marked as resolved. This represents all vulnerabilities targeted for remediation.
  • Resolved — The number of tracked vulnerabilities that have been confirmed resolved in the target asset (i.e., they are no longer present).
  • Still Present — The number of tracked vulnerabilities that remain unresolved in the target asset.

Below each card, a detailed list shows the individual CVEs in that category. Each entry displays the CVE ID, the affected component name and version, exploit status indicators (such as Weaponized, CISA KEV, Proof of Concept, or Unproven), and the severity score with its level (e.g., "9.3 Critical", "5.0 Medium", "3.8 Low").

Vulnerabilities

A set of color-coded cards shows the current vulnerability counts by severity — Critical, High, Medium, and Low — along with the change from the baseline (shown as a delta, e.g., "↓ -51"). Each card displays the current count, the previous count ("was X"), and the direction of change.

An overall Improvement percentage badge (e.g., "92% Improvement") summarizes the net change across all severity levels.

Below the severity cards, additional cards cover specialized vulnerability categories:

  • Reachable Vulnerabilities — Vulnerabilities confirmed to be reachable in the asset's execution path.
  • CISA KEV — Vulnerabilities listed in CISA's Known Exploited Vulnerabilities catalog.
  • Weaponized Vulnerabilities — Vulnerabilities with known weaponized exploits in the wild.
  • PoC (Proof of Concept) — Vulnerabilities that have a publicly available proof-of-concept exploit.

Security Findings

Further down the Summary tab, security findings provide additional context on configuration issues and other non-CVE concerns.

Vulnerabilities Tab

The Vulnerabilities tab provides a deeper look at exactly what changed.

Totals

Three cards at the top show:

  • Total Vulnerabilities — The current count with the delta from the baseline (e.g., "161, was 176, ↓ -15").
  • Added — The number of new vulnerabilities introduced in the target, with a preview of specific CVEs.
  • Removed — The number of vulnerabilities no longer present in the target, with a preview of specific CVEs.

Remediation Validation

An expandable section showing the same three-card layout as the Summary tab:

  • Marked Resolved — All vulnerabilities targeted for remediation, with the total count.
  • Resolved — Tracked vulnerabilities that have been confirmed resolved in the target. Each entry shows the CVE ID, affected component and version, exploit status, and severity rating.
  • Still Present — Tracked vulnerabilities that remain unresolved. Each entry shows the same detail as the Resolved list.

If no vulnerabilities have been resolved, the Resolved column displays a "No Data Present" placeholder.

Version Comparison

Two cards show the Compare from Version (baseline) and Compare to Version (target), including vendor information and upload dates.

Vulnerabilities by Severity

Side-by-side donut charts visualize the severity distribution for the baseline asset (left) and the target asset (right), making it easy to spot shifts in the risk profile.

Vulnerability Lists

Below the severity charts, a Search bar and Sort By controls let you filter and order results. Sort options include Severity, CVE ID, and Component Name.

Three expandable sections let you drill into the specifics:

  • Added Vulnerabilities — Every vulnerability present in the target but not the baseline. Each entry shows the CVE ID, affected component and version, exploit status, and severity rating.
  • Removed Vulnerabilities — Every vulnerability present in the baseline but absent from the target.
  • Unchanged Vulnerabilities — Vulnerabilities that exist in both assets.

SBOM Tab

The SBOM (Software Bill of Materials) tab shows how the software composition has changed between the two assets.

Totals

Three cards at the top show:

  • Total Components — The current count with the delta (e.g., "666, was 110, ↑ +556").
  • Added — The number of new components introduced in the target.
  • Removed — The number of components no longer present in the target.

Version Comparison

Same as the Vulnerabilities tab — shows the baseline and target versions side by side.

SBOM Component Makeup

Side-by-side stacked bar charts and tables break down the component types for each asset. Component types may include Application, Library, Package, Kernel, Kernel Module, AI Model, and others, each with their respective counts.

Component Lists

Below the makeup charts, three expandable sections let you drill into the specifics:

  • Added Components — Every component that appears in the target but not the baseline. Each entry shows the component name, version, type (e.g., Package), license info, vulnerability count (color-coded by severity), and total vulnerability count.
  • Removed Components — Every component present in the baseline but absent from the target.
  • Unchanged Components — Components that exist in both assets.

Use the Search bar and Sort By controls above the component lists to find specific components quickly.

Managing Reports

From the Reports List

Each report row in the list shows:

  • Report name — The two asset names being compared.
  • Vendor — The vendor(s) associated with the assets.
  • Type — Always "Comparison" for comparison reports.
  • Created — The date and time the report was generated.
  • Created By — The email of the user who created the report.

Click the (three-dot menu) on any report row to access:

  • Download PDF — Download a PDF version of the report.
  • Delete Report — Permanently remove the report.

From Inside the Report

  • Swap Order — Reverses which asset is the baseline and which is the target, recalculating all deltas accordingly.
  • Generate PDF — Creates and downloads a PDF export of the full report.
  • Close (✕) — Closes the report panel and returns you to the Reports list.

Tips

  • Use comparison reports for firmware update validation. Compare the old firmware version against the new one to confirm that known vulnerabilities have been addressed and no critical new ones have been introduced.
  • Pay attention to the "Added" counts. Even if total vulnerability numbers go down, newly introduced vulnerabilities may include critical or weaponized ones that need immediate attention.
  • Review the Remediation Validation section closely. The Marked Resolved count shows all vulnerabilities targeted for remediation. Compare it against the Resolved and Still Present counts to verify that your remediation efforts are being reflected in the updated asset.
  • Check the SBOM tab after updates. Component changes can introduce new dependencies with their own vulnerability profiles.
  • Export to PDF for stakeholders. Use Generate PDF to share results with teams that don't have direct access to the NetRise platform.
Real person here 👉