I am seeing a significant difference in records when I compare a Host Based Findings Report to downloading a Raw Scan.
Both the Raw Scan and Host Based Findings Report are based on the same (1) asset group and same (2) date range (e.g., last 30 days). Even if I remove the (fixed) records from the Host Based Findings Report there is still a big discrepancy in the sheer amount of vulnerability records.
My expectation would be there would be relatively the same amount of records, if only one scan was performed on the same asset group within a 30-day period of time.
Any explanation, guidance, and/or documentation would be gratefully appreciated,