Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
panelIconId1f914
panelIcon:thinking:
panelIconText🤔
bgColor#DEEBFF

What are Company Problems?

In short, these are the vulnerabilities ConnectSecure scan agent(s) have discovered. Vulnerabilites are automatically categorized into Problem Groups to understand better and communicate what type of vulnerabilities we are discovering.

...

Company Problems - Table of Contents

Table of Contents
minLevel1
maxLevel6
include
outlinefalse
indent
excludeCompany Problems - Table of Contents
typelist
class
printablefalse

...

Company Problems - Overview

As part of the V4 release, we have designed a new screen that provides a fresh view of what we call 'Problem Groups.'

With this new screen, the system will automatically classify your vulnerabilities into logical groups, making it easier for you to remediate them. It will also help you generate accurate reports catering to your specific needs.

...

Company Problems - Details

  • Problem Group Categories:

  • Critical Vulnerabilities

  • High Severity Vulnerabilities

  • Medium Severity Vulnerabilities

  • Low Severity Vulnerabilities

  • SMB Vulnerabilities

  • SSL/TLS Vulnerabilities

  • SSL Certificate Info

  • Remote Login Vulnerabilities

  • CISA Notified Vulnerabilities

  • EPSS >= 0.95

  • 0.95 > EPSS >= 0.90

  • 0.90 > EPSS >= 0.85

  • Database Vulnerabilities

  • Informational

Problem Details include the following data fields: Problem Name, Description, Assets, Score, and Severity. These details will be updated based on the Problem Group Name selected.

Field Label

Description / General Use

Problem Name

Displays the detected vulnerabilities CVE-ID

Description

Provides a description of the CVE-ID (Problem Name)

Assets

Displays the count of Assets with the CVE-ID (Problem Name)

Score

Displays the Base, EPSS, Exploitability, and Impact Scores.

Severity

Displays the Severity for the selected CVE

Ports

Displays any associated Ports for the CVE

Script Output

Displays the script output return from the check ID

Base

Displays the Base score (CVSS)

EPSS

Displays the EPSS score; source First.ORG

Exploitability

Dispolays the Expolitability score

Impact

Displays the Impact score

Description

Dispalys the full description of the CVE

...

Global Problem Group Name - Glossary of Terms

The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.

Problem Group Name

Description / Use Case

0.90 > EPSS >= 0.85

Vulnerabilities grouped by EPSS Scoring >=90/95%

0.85 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=85/90%

0.95 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=90/95%

CISA Notified Vulnerabilities

Vulnerabilities grouped by CISA classification; source CISA.GOV

Critical Vulnerabilities

Vulnerabilities grouped by severity of Critical

EPSS >= 0.95

Vulnerabilities grouped by EPSS Scoring >=95%

High Severity Vulnerabilities

Vulnerabilities grouped by severity of High

Informational

 Vulnerabilities grouped by category of Info Only

Low Severity Vulnerabilities

Vulnerabilities grouped by severity of Low

Medium Severity Vulnerabilities

Vulnerabilities grouped by severity of Medium

Remote Access Vulnerabilities

Vulnerabilities grouped by category of Remote Access

Remote Login Vulnerabilities

Vulnerabilities grouped by category of Remote Login

SMB Vulnerabilities

Vulnerabilities grouped by category of SMB

SSL Certificate Info

Vulnerabilities grouped by category of Certifcates

SSL/TLS Vulnerabilities

 Vulnerabilities grouped by category of SSL/TLS

...

Company Problems - Action Toolbar Overview

...

Problems Suppress - tap to suppress a problem; select at least one problem to use the suppression feature.

...

Info - tap to view the Getting Started info.

...

Company Problems - Action Toolbar Actions

Problems Suppress

To use the suppression, you must first select at least one problem record and then tap the Problems Suppress option.

...

In order to suppress a problem, there must be a reason and approval from either an internal or external user.

...

Approval Process

Method 1 - Self Approve

When using Self Approve, you must enter a Reason, Comments, and a Date Range.

...

You can also mark suppression as permanent if necessary.

...

Method 2 - Other User

Other Users will require you to select either the External or Internal User option.

...

Internal User

This is used to send the approval to an internally licensed ConnectSecure user. Their user email address will be displayed in the ‘Send To Internal User’ drop-down shown in #3 below.

...

From the Company > Assets > Problems screen, you can see the Problems/Suppressed Records to view the status and details of any suppressed problems.

...

External User

This is used to send the approval to an external user using a valid email address; enter those in the ‘Send To External User’ field as shown in #3 below.

...

Info

NOTE: Internal Users must have Admin or Approver security role permissions to approve suppression.

All approvals are captured in our audit logs.

...

Suppressed Records

Tap here to view historical data for any vulnerabilities marked as suppressed; this includes the Problem Name, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, and Suppressed Till fields.

...

Scan

Tap on the Asset Count from the Problems Details table, then tap the IP of any asset, and use the Scan button to initiate an asset scan.

...

Jobs

Tap to view Scan Job(s) historical data.

...

Alerts

Set a date range to view the System Events and asset timeline.

...

Getting Started

Tap to view the Getting Started wizard; see the link below for additional information.

V4 Getting Started In App Info

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

...