@milan.kulik Thanks for asking this question.  The Advisory summary table divides the analysis into Affected and Potentially Affected and the same is true when you drill into the advisory.  The text within the analysis explains why something is only potentially affected.  It is usually due to one of two reasons:  1) Insufficient telemetry data to make the assessment.  or 2) Inability of the analysis itself to make the assessment.  Feel free to private message me a specific customer and advisory so I can look at exactly what you are seeing and give a more complete response.

Hi Chris,

this is what I see:

When I click on those 39 Advisories button and then on the Advisories again:

This list is not saying that the second advisory is only Potentially affecting my device which I can see when I click on it again:

So I believe it would be worth to add some icon to the previous list to distinguish Affecting and Potentially affecting vulnerabilities!

Thanks,
Milan Kulik

@milan.kulik Perfect.  Thank you for the explanation.  I totally understand what you are asking for.  Two possible enhancements here.  On the Asset360>Advisories tab, could separate the advisories into Affected vs. Potentially Affected.  And for the count of Critical Security Advisories, consider how we could show the breakout of Affected vs. Potentially Affected.

Hope you are aware of the Acknowledge Advisories feature.  If you have evaluated a security advisory (or field notice) and decided that you no longer want to see it in the active list, you can acknowledge it.  It doesn't go away, it just moves out of active.  This is only at the advisory level, though, not per device.

Hi and thank you for the idea! It has been accepted for further discussion within our internal team. Stay tuned!