We are scanning IP ranges on a Monthly basis and running a related Scorecard report after the Monthly run. Within the Scorecard reports there are two particular fields I'd like to zoom into, in this question:
1. Status New
2. Age: 0-30 days
Since we scan and report on a Monthly basis, I'd expect the New items I find, will also fall in the category 0-30 days.
Example: If there are 1.000 new vulnerabilities found, I'd expect the category 0-30 days to be 1.000 or higher, maybe slightly lower since half of the Months have 31 days.
However I have examples where I have 461 new vulnerabilities and only 3 in category 0-30 days. This gives me the impression the category 0-30 days is not reflecting correctly, hence probably the other age categories are not (fully) correct as well.
How is the age 0-30 days field calculated exactly, what are the exact parameters used?
In the online help I do see a clear description of the field 'New' but not of this field.