
This is a global view of all detected vulnerabilities, including application, external OS, and network vulnerabilities, organized automatically by our Problem Categories.

...


...

Global Vulnerabilities -

...

The data is organized and can be sorted from the Problem Group Name pod. This includes the following:

  1. Problem Count

  2. Company Count

  3. Asset Count

...

Once you have selected one of the Problem Group options from the left panel, the Problem Details pod on the right side of the screen will display the details, which include the Problem Name, Description, Assets, Score, and Severity data.

...

Global Vulnerabilities - Details

...

Details

Vulnerabilities are automatically organized into the Problem Category and various filters, as highlighted below.

...

Problem Details will display results based on selected filtering options; this data includes Problem Name, Asset Count, NIST/EPSS Scoring, Description, Time/Date Stamps, and more…

...

Tap on the Problem Name (CVE-ID) to see the details from NIST/NVD:

...

Info

Check your column options and arrange the data how you like it.


Problem Category

The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.

...

Problem Group Name

...

Description / Use Case

...

following Problem Categories:

...

  • All Vulnerabilities

  • Critical Severity Vulnerabilities

  • High Severity Vulnerabilities

  • Medium Severity Vulnerabilities

  • Low Severity Vulnerabilities

  • SMB Vulnerabilities

  • SSL/TLS Vulnerabilities

  • CISA Notified Vulnerabilities

  • EPSS >= 0.95

  • 0.95 > EPSS >= 0.90

  • 0.90 > EPSS >= 0.

...

Vulnerabilities grouped by EPSS Scoring >=90/95%

...

| Problem Group Name | Description / Use Case |
|---|---|
| Antivirus Not Installed | Antivirus is not installed on the Asset |
| Backup Not Performed | Backup Agent is not installed on the Asset |
| CISA Notified Vulnerabilities | Vulnerabilities grouped by CISA classification; source CISA.GOV |
| Critical Vulnerabilities | Vulnerabilities grouped by severity of Critical |
| Database Vulnerabilities | Vulnerabilities grouped by classification of database |
| EPSS >= 0.95 | Vulnerabilities grouped by EPSS Scoring >=95% |
| Firewall Misconfiguration | Vulnerabilities grouped by classification of firewall misconfiguration |
| High Severity Vulnerabilities | Vulnerabilities grouped by severity of High |
| Information Disclosure | Vulnerabilities grouped by classification of information disclosure |
| Informational | The information captured is for informational purposes |
| Low Severity Vulnerabilities | Vulnerabilities grouped by severity of Low |
| Mail Vulnerabilities | Vulnerabilities grouped by classification of e-mail |
| Medium Severity Vulnerabilities | Vulnerabilities grouped by severity of Medium |
| Operating System out of Support | The operating system has reached the end of its support |
| Remote Access Vulnerabilities | Vulnerabilities grouped by classification of remote access |
| Remote Login Vulnerabilities | Vulnerabilities grouped by classification of remote login |
| Running Services | Vulnerabilities grouped by classification of running services |
| SMB Vulnerabilities | Vulnerabilities related to SMB |
| SSL Certificate Info | SSL Certificate information |
| SSL/TLS Vulnerabilities | SSL/TLS-related Vulnerabilities |
| Web Server Fingerprint | Vulnerabilities grouped by classification of web server fingerprint |

Problem Details

This screen gives detailed information about the selected Problem Group Name vulnerabilities. It includes the Problem Name, Description, Scoring Data, Assets count, and Companies affected.

...

| Field | Description |
|---|---|
| Problem Name | Displays the unique CVE-ID or a similar identifier, depending on the vulnerability |
| Description | Displays the full description with details about the discovered vulnerability |
| Assets | Displays the number of assets; click to view additional details |
| Score | Displays the Base Score, EPSS Score, Exploitability Score, and Impact Score values based on the selected CVE-ID |
| Severity | Displays the severity of the selected vulnerability |

Problem Name

This includes the unique CVE-ID or vulnerability description, with a link to the threat source.

...

Click on the CVE-ID value to be directed to the source.

(e.g., https://nvd.nist.gov/vuln/detail/CVE-2008-7144)

...

Description

Includes the full description of the vulnerability.

...

Assets

Displays the number of assets associated with the selected vulnerability.

...

Score

Displays scores based on the vulnerability, including Base Score, EPSS Score, Exploitability Score, and Impact Score details.

...

Severity

The severity of the selected vulnerability is displayed and categorized as Critical, High, Medium, or Low.

...

Global Vulnerabilities - Action Toolbar Actions

The standard Alerts feature is only available on the right navigation bar; this displays the standard System Events data.

...

  • 85

  • Informational

...

Confirmed vs. Unconfirmed Vulnerabilities

Note

ConnectSecure has a filter for Confirmed vs. Unconfirmed vulnerabilities; if we cannot find the install path for an application, the vulnerability is displayed as unconfirmed.

NOTE: Only confirmed vulnerabilities are counted towards the asset risk score grade.

...

Affected Companies

The count of affected companies based on the selected problem category is displayed in red; tap on the filter bar to see the records:

...

You can tap on the Assets count to see the asset details.

...

Affected Assets

The count of affected assets based on the selected Problem Category is displayed.

...

Tap on the IP to see the agent details:

...

Suppressed Records

Tap to view any suppressed records organized in the table as shown:

...

You can use the three-dot Action menu to unsuppress from here:

...

How To: Suppress Problems (Vulnerabilities)

...

Auto Suppressed

Tap to view the auto-suppressed records:

...

Auto Suppression is managed at the Company Settings and Global Settings menus.

...

Registry

Tap to view vulnerabilities correlated to the Registry.

...

You can tap the Asset and Company counts to see the table details.

Use the three-dot Action menu if you want to suppress.

...

Remediated Registry

Tap to view remediated records related to the registry vulnerabilities:

...

Suppressed

Tap to view remediated records related to the suppressed vulnerabilities:

...

Installed Driver Vulnerabilities

Tap to view vulnerabilities correlated to installed drivers:

...

Installed Driver Remediation

Tap to view remediated records related to the driver vulnerabilities:

...

Tap on the Assets and Companies count to see table details.

...

Tap on the fix column to see the latest version and installation source.

...

Global Vulnerabilities - Action Toolbar

...

Jobs

Tap to view the historical jobs for all assets:

...

Alerts

Tap to view the System Events in a timeline-style view:

...

Info

https://cybercns.atlassian.net/wiki/x/MIDKfw

...

Direct link to the documentation page.

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

...