Vulnerabilities
  • 08 Mar 2022
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Vulnerabilities

  • Dark
    Light
  • PDF

Use the Vulnerabilities Management Module to see a consolidated view of all the vulnerabilities in the organization, from all sources. The Vulnerabilities page delivers increased visibility into cybersecurity vulnerabilities. It helps security, IT, and risk teams identify vulnerabilities across fleets of devices, enabling them to prioritize vulnerabilities based on asset criticality, potential impact, and recognized threats.

Click the Vulnerabilities icon VuliconN.png to open the Vulnerabilities page.

Vulnup.png

Use Vulnerabilities to see the aggregated vulnerability data presented by CVE ID. The Adapter Connections column shows which adapter source the vulnerabilities come from. The Device Count shows the number of devices affected by this vulnerability; when you click on Device Count the Device page opens with the devices affected by this vulnerability.

Vulnerabilities uses the Static Analysis StatisAnalysisicon.png adapter to enrich Vulnerabilities with additional information from the NIST NVD database.

Click the arrow next to any of the fields to see more details about that field.
Not all of the fields are displayed by default. Use Edit Columns to add or remove columns; refer to Setting Page Columns Display.

Creating Queries on Vulnerabilities

The Query Wizard on the Vulnerabilities page allows you to create a unique set of queries. Vulnerabilities queries are created on two levels. The first level of the query focuses on vulnerability parameters. You can query fields such as the CVSS score, severity, or attack vector. The second level queries devices, for instance operating system, installed software, last update date etc. So you can use these queries to find out what critical vulnerabilities exist and whether they impact critical assets in your environment? Or, how many vulnerabilities exist, and whether they appear on devices with open ports, or that have a specific patch applied?
To configure the Query Wizard on the Vulnerabilities page

  1. Build a query on a vulnerability field on the table, for instance CVSS score.
  2. Filter the vulnerabilities displayed by a Device query, and thus only show the vulnerabilities in your environment by a defined Device query, for instance Public IPs exist.

After running the query the table shows the vulnerabilities queried, filtered by the devices they affect.
For example show vulnerabilities with the CVSS score over 8, only on devices where the operating system is Windows.

Vulnerability query.png

Note:

You do not have to fill in the Device section of the query to find vulnerabilities in your environment.

Saving Queries

  • Click Save As to save the query.
  • When you click Saved Queries and open the Queries page, the vulnerabilities queries you created are displayed on the Queries page, filtered by Vulnerabilities.

VulnerabilitesSavedQuery.png

Refer to Creating Queries with the Queries Wizard to learn more about creating queries.


Exporting Vulnerability Data to CSV

You can export the Vulnerability data to CSV. Refer to Exporting Device and User Data to CSV.



First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.