I would like to know how LDMS categorizes severity of the Vulnerabilities in Patch and Compliance Scan. For instance, our Security officer uses Nessus vulnerability scanner for PCI-DSS compliance scanning and Nessus reported that MS KB 2562937, MS KB 226937, MS11-046 as High, and MS KB 982316, MS KB 2524375 as Medium, whereas LANDesk Patch Compliance scan reports those KBs as Severity "NA."
My question is, which industry standards or guidelines does LANDesk use to categorize the vulnerability patches and does the LDMS use have the ability to change the Severity setting manually?
Also, if both tools LANDesk and Nessus are PCI-DSS compliant, then why does each product have their own unique categorization of these MS KB vulnerability patches?