Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
panelIconId1f914
panelIcon:thinking:
panelIconText🤔
bgColor#DEEBFF

What are Company Problems?

In short, these are the vulnerabilities that the ConnectSecure scan agent(s) have has discovered. Vulnerabilities are automatically categorized into Problem Groups to help us understand and communicate what type of vulnerabilities we are discovering.

...

Company Problems - Table of Contents

Table of Contents
minLevel1
maxLevel6
include
outlinefalse
indent
excludeCompany Problems - Table of Contents
typelist
class
printablefalse

...

Company Problems - Overview

Problem Groups

...

As part of the V4 release, we have designed a new screen that provides a fresh view of what we call 'Problem Groups.' With this new screen, the system will automatically classify your vulnerabilities into logical groups, making it easier for you to remediate them. It will also help you generate accurate reports catering to your specific needs.

...

See the details below for the full listing.

...

Affected Assets

...

View the Affected Assets for the selected company. The number of assets will be displayed in the title bar. Tap the asset IP to view details.

...

Suppressed Records

...

Tap here to view the suppressed vulnerabilities for the selected company. From the three-dot action menu you have the option to ‘Unsuppress’.

...

Company Problems - Details

Problem Group Categories:

  • All Vulnerabilities

  • Critical Vulnerabilities

  • High Severity Vulnerabilities

  • Medium Severity Vulnerabilities

  • Low Severity Vulnerabilities

  • SMB Vulnerabilities

  • SSL/TLS VulnerabilitiesSSL Certificate Info

  • Remote Login Vulnerabilities

  • CISA Notified Vulnerabilities

  • EPSS >= 0.95

  • 0.95 > EPSS >= 0.90

  • 0.90 > EPSS >= 0.85

  • Database Vulnerabilities

  • Informational

...

Field Label

Description / General Use

Problem Name

Displays the detected vulnerabilities CVE-ID

Description

Describes the CVE-ID (Problem Name)

Assets

Displays the count of Assets with the CVE-ID (Problem Name)

Score

Displays the Base, EPSS, Exploitability, and Impact Scores.

Severity

Displays the Severity for the selected CVE

Ports

Displays any associated Ports for the CVE

Script Output

Displays the script output return from the check ID

Base

Displays the Base score (CVSS)

EPSS

Displays the EPSS score; source First.ORG

Exploitability

Displays the Exploitability score

Impact

Displays the Impact score

Description

Displays the full description of the CVE

...

Global Problem Group Name - Glossary of Terms

The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.

Problem Group Name

Description / Use Case

0.90 > EPSS >= 0.85

Vulnerabilities grouped by EPSS Scoring >=90/95%

0.85 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=85/90%

0.95 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=90/95%

CISA Notified Vulnerabilities

Vulnerabilities grouped by CISA classification; source CISA.GOV

Critical Vulnerabilities

Vulnerabilities grouped by severity of Critical

EPSS >= 0.95

Vulnerabilities grouped by EPSS Scoring >=95%

High Severity Vulnerabilities

Vulnerabilities grouped by severity of High

Informational

 Vulnerabilities grouped by category of Info Only

Low Severity Vulnerabilities

Vulnerabilities grouped by severity of Low

Medium Severity Vulnerabilities

Vulnerabilities grouped by severity of Medium

Remote Access Vulnerabilities

Vulnerabilities grouped by category of Remote Access

Remote Login Vulnerabilities

Vulnerabilities grouped by category of Remote Login

SMB Vulnerabilities

Vulnerabilities grouped by category of SMB

SSL Certificate Info

Vulnerabilities grouped by category of Certifcates

SSL/TLS Vulnerabilities

 Vulnerabilities grouped by category of SSL/TLS

...

Company Problems - Action Toolbar Overview

...

Company Problems - Action Toolbar Actions

Scan

Tap on the Asset Count from the Problems Details table, then tap the IP of any asset, and use the Scan button to initiate an asset scan.

...

Tap on the SCAN action menu to begin an asset scan:

...

Jobs

Tap to view Scan Job(s) historical data.

...

Alerts

Set a date range to view the System Events and asset timeline.

...

Info

Tap to view the Getting Started wizard; see the link below for additional information.

V4 Getting Started In App Info

...

Tap to view the corresponding Company Problems KB.

...

Company Problems - Suppression

You have an option to mark any discovered Problem as Suppressed. Doing so will move the Problem to the Suppressed Records section.

...

How To: Suppress a Problem

  1. Select a Problem Name record or multiples using the checkboxes, then tap the Global Actions > Suppress button.

...

Note

NOTE: Suppression of any Problem will require approval and a reason.

Approval Process - Self Approve (requires Admin or Approver permissions)

Using this option, you must enter your Suppression Comments and the date options, which include permanent or a start/end date range.

...

Approval Process - Other User

User Type = Internal User

Using this option, you must choose from the drop-down of available Internal Users (in User Management) with Admin or Approver permissions, along with the required comments and date parameters.

...

User Type = External User

Using this option, you must enter the email address into the external user column, along with the required comments and date parameters.

...

Tip

Enter comma-separate emails for more than one.

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

...