Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
What are Company Problems? In short, these are the vulnerabilities ConnectSecure scan agent(s) have discovered. Vulnerabilites Vulnerabilities are automatically categorized into Problem Groups to help us understand better and communicate what type of vulnerabilities we are discovering. |
...
Company Problems - Table of Contents
Table of Contents | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Company Problems - Overview
As part of the V4 release, we have designed a new screen that provides a fresh view of what we call 'Problem Groups.'
With this new screen, the system will automatically classify your vulnerabilities into logical groups, making it easier for you to remediate them. It will also help you generate accurate reports catering to your specific needs.
...
Company Problems - Details
Problem Group Categories:
Critical Vulnerabilities
High Severity Vulnerabilities
Medium Severity Vulnerabilities
Low Severity Vulnerabilities
SMB Vulnerabilities
SSL/TLS Vulnerabilities
SSL Certificate Info
Remote Login Vulnerabilities
CISA Notified Vulnerabilities
EPSS >= 0.95
0.95 > EPSS >= 0.90
0.90 > EPSS >= 0.85
Database Vulnerabilities
Informational
...
Field Label | Description / General Use |
---|---|
Problem Name | Displays the detected vulnerabilities CVE-ID |
Description | Provides a description of Describes the CVE-ID (Problem Name) |
Assets | Displays the count of Assets with the CVE-ID (Problem Name) |
Score | Displays the Base, EPSS, Exploitability, and Impact Scores. |
Severity | Displays the Severity for the selected CVE |
Ports | Displays any associated Ports for the CVE |
Script Output | Displays the script output return from the check ID |
Base | Displays the Base score (CVSS) |
EPSS | Displays the EPSS score; source First.ORG |
Exploitability | Dispolays Displays the Expolitability Exploitability score |
Impact | Displays the Impact score |
Description | Dispalys Displays the full description of the CVE |
...
Global Problem Group Name - Glossary of Terms
The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.
Problem Group Name | Description / Use Case |
---|---|
0.90 > EPSS >= 0.85 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
0.85 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=85/90% |
0.95 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
CISA Notified Vulnerabilities | Vulnerabilities grouped by CISA classification; source CISA.GOV |
Critical Vulnerabilities | Vulnerabilities grouped by severity of Critical |
EPSS >= 0.95 | Vulnerabilities grouped by EPSS Scoring >=95% |
High Severity Vulnerabilities | Vulnerabilities grouped by severity of High |
Informational | Vulnerabilities grouped by category of Info Only |
Low Severity Vulnerabilities | Vulnerabilities grouped by severity of Low |
Medium Severity Vulnerabilities | Vulnerabilities grouped by severity of Medium |
Remote Access Vulnerabilities | Vulnerabilities grouped by category of Remote Access |
Remote Login Vulnerabilities | Vulnerabilities grouped by category of Remote Login |
SMB Vulnerabilities | Vulnerabilities grouped by category of SMB |
SSL Certificate Info | Vulnerabilities grouped by category of Certifcates |
SSL/TLS Vulnerabilities | Vulnerabilities grouped by category of SSL/TLS |
...
Company Problems - Action Toolbar Overview
...
Company Problems
...
Suppressed Records - tap to view any problems previously suppressed.
Scan - tap to kick off a manual scan.
Jobs - tap to view any scanned jobs and their current status.
Alerts - tap to view System Events, time-line style.
Info - tap to view the Getting Started info.
Company Problems - Action Toolbar Actions
Problems Suppress
To use the suppression, you must first select at least one problem record and then tap the Problems Suppress option.
...
In order to suppress a problem, there must be a reason and approval from either an internal or external user.
Approval Process
Method 1 - Self Approve
When using Self Approve, you must enter a Reason, Comments, and a Date Range.
...
You can also mark suppression as permanent if necessary.
...
Method 2 - Other User
Other Users will require you to select either the External or Internal User option.
...
Internal User
This is used to send the approval to an internally licensed ConnectSecure user. Their user email address will be displayed in the ‘Send To Internal User’ drop-down shown in #3 below.
...
Select the user(s) to send the approval email and complete the Comments, Date Range, and required fields.
...
After Save, an email is sent to the selected user(s) where they can click the Approve/Reject button from the email to leave remarks.
...
Internal Users will be directed to the ConnectSecure Portal and see the Approve/Reject Suppression panel, where you will see the Problem Name, Problem ID, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, Suppressed Til, and Company Name fields.
...
Tap on the three-dot action menu under Action to use the Approve or Reject buttons.
...
Approve - enter the required approval comment, then tap Approve.
...
Reject - enter the required rejection comment, then tap Reject.
...
From the Company > Assets > Problems screen, you can see the Problems/Suppressed Records to view the status and details of any suppressed problems.
...
External User
This is used to send the approval to an external user using a valid email address; enter those in the ‘Send To External User’ field as shown in #3 below.
...
Upon saving, the external user email address will receive the Approve/Reject email.
...
External Users will be directed to the ConnectSecure Portal and see the Approve/Reject Suppression panel, where you will see the Problem Name, Problem ID, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, Suppressed Til, and Company Name fields.
...
Approve - enter the required approval comment, then tap Approve.
...
Reject - enter the required rejection comment, then tap Reject.
...
From the Company > Assets > Problems screen, you can see the Problems/Suppressed Records to view the status and details of any suppressed problems.
...
Info |
---|
NOTE: Internal Users must have Admin or Approver security role permissions to approve suppression. All approvals are captured in our audit logs. |
Suppressed Records
Tap here to view historical data for any vulnerabilities marked as suppressed; this includes the Problem Name, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, and Suppressed Till fields.
...
Scan
Tap on the Asset Count from the Problems Details table, then tap the IP of any asset, and use the Scan button to initiate an asset scan.
Jobs
Tap to view Scan Job(s) historical data.
...
Alerts
Set a date range to view the System Events and asset timeline.
...
Getting Started
Tap to view the Getting Started wizard; see the link below for additional information.
...
- Action Toolbar Actions
Scan
Tap on the Asset Count from the Problems Details table, then tap the IP of any asset, and use the Scan button to initiate an asset scan.
...
Tap the IP to see the Asset:
...
Tap on the SCAN action menu to begin an asset scan:
...
Jobs
Tap to view Scan Job(s) historical data.
...
Alerts
Set a date range to view the System Events and asset timeline.
...
Info
Tap to view the Getting Started wizard; see the link below for additional information.
V4 Getting Started In App Info
...
Help Link
Tap to view the corresponding Company Problems KB.
...
Company Problems - Suppression
You have an option to mark any discovered Problem as Suppressed. Doing so will move the Problem to the Suppressed Records section.
...
How To: Suppress a Problem
Select a Problem Name record or multiples using the checkboxes, then tap the Global Actions > Suppress button.
...
Note |
---|
NOTE: Suppression of any Problem will require approval and a reason. |
Approval Process - Self Approve (requires Admin or Approver permissions)
Using this option, you must enter your Suppression Comments and the date options, which include permanent or a start/end date range.
...
Approval Process - Other User
User Type = Internal User
Using this option, you must choose from the drop-down of available Internal Users (in User Management) with Admin or Approver permissions, along with the required comments and date parameters.
...
User Type = External User
Using this option, you must enter the email address into the external user column, along with the required comments and date parameters.
...
Tip |
---|
Enter comma-separate emails for more than one. |
...
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
...