JupiterOne-Archives / integrations-2021-07-16

JupiterOne integration development documentation and issue tracking

Ingesting host agent scans produces a lot of entities that have no significant value #32

Open aiwilliams opened 3 years ago

aiwilliams commented 3 years ago

For assets that have the InsightVM agent installed, the number of "scans" is going to be extremely large. The InsightVM agent runs "continuous" scanning, so that is likely going to generate thousands of graph entities on a daily basis.

The intention of the Scan entity in the vulnerability management data model is to indicate that an asset has a scanner configured for the asset so that even when there have been no vulnerabilities found, it is possible to indicate that scanning is in place.

Consider an approach that marks the asset with properties such as scannedBy: ['InsightVM'], lastInsightVMScanId, lastInsightVMScannedOn.

aiwilliams commented 3 years ago

Note that the data used to build the insightvm_asset includes scan history (we do not currently store this raw data because it was causing the integration to fail execution for oversized uploads to the persister).
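
Added example, not part of the issue thread or the integration's own code: a sketch of the approach proposed above, collapsing an asset's scan history into the three suggested properties so that each asset yields one entity however long its history is. The raw field names (`history`, `date`, `scanId`), the `_key` format and the sample records are assumptions made for illustration.

```javascript
// Assumed raw shape: asset.history is an array of { date, scanId } records.
// The issue does not show the payload, so these field names are hypothetical.
function summarizeScanHistory(asset) {
  let latest = null;
  for (const entry of asset.history || []) {
    const ts = Date.parse(entry.date);
    // Skip records that cannot be ordered or are not tied to a scan.
    if (Number.isNaN(ts) || entry.scanId == null) continue;
    if (latest === null || ts > latest.ts) latest = { ts, scanId: entry.scanId };
  }
  // No usable history: emit no scan properties, so "scanning is in place"
  // is never claimed for an asset that has not been scanned.
  if (latest === null) return {};
  return {
    scannedBy: ['InsightVM'],
    lastInsightVMScanId: latest.scanId,
    lastInsightVMScannedOn: latest.ts, // epoch milliseconds
  };
}

// One graph entity per asset; no per-scan entities are created.
function toAssetEntity(asset) {
  return {
    _key: `insightvm_asset:${asset.id}`, // hypothetical key format
    _type: 'insightvm_asset',
    ...summarizeScanHistory(asset),
  };
}

// Constructed sample data: out-of-order history, a bad date, a record without scanId.
const sampleAssets = [
  {
    id: 1,
    history: [
      { date: '2021-03-01T00:00:00Z', scanId: 101 },
      { date: '2021-03-02T06:30:00Z', scanId: 245 },
      { date: '2021-03-01T12:00:00Z', scanId: 180 },
      { date: 'not-a-date', scanId: 999 },
      { date: '2021-03-03T00:00:00Z' },
    ],
  },
  { id: 2, history: [] },
];

console.log(sampleAssets.map(toAssetEntity));
```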