Detection Aggregation for Source-Agnostic VITs

John Gilaspy1
Tera Contributor

Has anyone ever come up with a way to roll up detections to a single VIT, regardless of scanning source? I've had SecOps people ask me, if the CVE and CI are the same, why can't I add the new detections to an existing VIT, regardless of who found it? I don't want to have to modify the detections script include, and the only workaround I can think of is to compare VITs after creation and associate the detections from a "duplicate" VIT to the preexisting one, based on CVE and CI. Of course, any TPE scanner like Tenable is going to make that more difficult.