Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

Problem Category Group Overview

ConnectSecure classifies all discovered vulnerabilities into our Problem Groups. These categories are available at the various Problems and Vulnerabilities screens in the portal.

Here is an example of what we are referring to:

...

Problem Category Group Details

Problem Group Name

Problem Group Type

Severity

Weightage (Risk Scoring)

Critical Vulnerabilities

Vulnerability

Critical

0.9

High Severity Vulnerabilities

Vulnerability

High

0.8

Medium Severity Vulnerabilities

Vulnerability

Medium

0.5

Low Severity Vulnerabilities

Vulnerability

Low

0.3

SMB Vulnerabilities

Network vulnerabilities

Critical

0.9

SSL/TLS Vulnerabilities

Network vulnerabilities

High

0.8

SSL Certificate Info

Network vulnerabilities

Low

0.1

Running Services

Network vulnerabilities

Low

0.1

Web Server Fingerprint

Network vulnerabilities

Low

0.3

Remote Login Vulnerabilities

Network vulnerabilities

Critical

0.8

Information Disclosure

Network vulnerabilities

Low

0.3

Antivirus Not Installed

Asset problems

High

0.7

Backup Not Performed

Asset problems

High

0.8

Firewall Misconfiguration

Asset problems

Critical

0.95

Operating System Out Of Support

Asset problems

High

0.7

User Password Never Expires

AD Problems

High

0.8

User Password Not Required

AD Problems

High

0.95

Active Users Not Logged In For 30 Days

AD Problems

High

0.5

MFA Not Enabled For Azure Users

AD Problems

High

0.7

CISA Notified Vulnerabilities

Vulnerabilities Exploit

Critical

1

EPSS >= 0.95

Vulnerabilities Exploit

Critical

1

0.95 > EPSS >= 0.90

Vulnerabilities Exploit

High

0.75

0.90 > EPSS >= 0.85

Vulnerabilities Exploit

Medium

0.5

0.85 > EPSS >= 0.90

Vulnerability

Low

0.3

Database Vulnerabilities

Network vulnerabilities

Critical

0.8

Mail Vulnerabilities

Network vulnerabilities

Critical

0.8

Remote Access Vulnerabilities

Network vulnerabilities

Critical

0.9

User Account Lockouts

AD Problems

Low

0.35

Failed Login Attempts

AD Problems

Low

0.35

Empty Security Groups

AD Problems

High

0.1

Non-Security Enabled Groups

AD Problems

High

0.1

Multiple Administrators In OU

AD Problems

High

0.8

Computer Not Logged In For 30 Days

AD Problems

High

0.95

Password Policy Compliance

AD Problems

High

0.8

Informational

Network vulnerabilities

Info

0

...