Company Problems - Table of Contents
Company Problems - Overview
As part of the V4 release, we have designed a new screen that provides a fresh view of what we call 'Problem Groups.' With this new screen, the system will automatically classify your vulnerabilities into logical groups, making it easier for you to remediate them. It will also help you generate accurate reports catering to your specific needs.
Company Problems - Details
Problem Details include the following data fields: Problem Name, Description, Assets, Score, and Severity. These details will be updated based on the Problem Group Name selected.
Field Label | Description / General Use |
---|---|
Problem Name | Displays the detected vulnerabilities CVE-ID |
Description | Provides a description of the CVE-ID (Problem Name) |
Assets | Displays the count of Assets with the CVE-ID (Problem Name) |
Score | Displays the Base, EPSS, Exploitability, and Impact Scores. |
Global Problem Group Name - Glossary of Terms
The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.
Problem Group Name | Description / Use Case |
---|---|
0.85 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=85/90% |
0.90 > EPSS >= 0.85 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
0.95 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
Antivirus Not Installed | Vulnerabilities grouped by AV checks; not installed. |
Backup Not Performed | Vulnerabilities grouped by Backup Software check. |
CISA Notified Vulnerabilities | Vulnerabilities grouped by CISA classification; source CISA.GOV |
Critical Vulnerabilities | Vulnerabilities grouped by severity of Critical |
Database Vulnerabilities | Vulnerabilities grouped by category of Database. |
EPSS >= 0.95 | Vulnerabilities grouped by EPSS Scoring >=95% |
Firewall Misconfiguration | Vulnerabilities grouped by category of Firewall misconfig |
High Severity Vulnerabilities | Vulnerabilities grouped by severity of High |
Information Disclosure | Vulnerabilities grouped by category of Info Disclosure |
Informational | Vulnerabilities grouped by category of Info Only |
Low Severity Vulnerabilities | Vulnerabilities grouped by severity of Low |
Mail Vulnerabilities | Vulnerabilities grouped by category of Mail |
Medium Severity Vulnerabilities | Vulnerabilities grouped by severity of Medium |
Operating System out of Support | Operating Out of Support |
Remote Access Vulnerabilities | Vulnerabilities grouped by category of Remote Access |
Remote Login Vulnerabilities | Vulnerabilities grouped by category of Remote Login |
Running Services | Vulnerabilities grouped by category of Running Services |
SMB Vulnerabilities | Vulnerabilities grouped by category of SMB |
SSL Certificate Info | Vulnerabilities grouped by category of Certifcates |
SSL/TLS Vulnerabilities | Vulnerabilities grouped by category of SSL/TLS |
Web Server Fingerprint | Vulnerabilities grouped by category of Web Server Fingerprint |
Company Problems - Side Navigation Toolbar Overview
Problems Suppress - tap to suppress a problem; select at least one problem to use the suppression feature.
Problems Suppressed Records - tap to view any problems previously suppressed.
Jobs - tap to view any scanned jobs and their current status.
Alerts - tap to view System Events, time-line style.
Company Problems - Side Navigation Toolbar Actions
Problems Suppress
Approval Process
Self Approve
When using Self Approve, you must enter a Reason, Comments, and a Date Range.
You can also mark suppression as permanent if necessary.
Other User
Other User will require you to select either the External or Internal User option.
Internal User
This is used to send the approval to an internally licensed ConnectSecure user. Their user email address will be displayed in the ‘Send To Internal User’ drop-down shown in #3 below.
Select the user(s) to send the approval email and complete the Comments, Date Range, and required fields.
After Save, an email is sent to the selected user(s) where they can click the Approve/Reject button from the email to leave remarks.
Internal Users will be directed to the ConnectSecure Portal and see the Approve/Reject Suppression panel, where you will see the Problem Name, Problem ID, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, Suppressed Til, and Company Name fields.
Tap on the three-dot action menu under Action to use the Approve or Reject buttons.
Approve - enter your approval comment that is required, then tap Approve.
Reject - enter your rejection comment that is required, then tap Reject.
From the Company > Assets > Problems screen, you can see the Problems/Suppressed Records to view the status and details of any suppressed problems.
External User
This is used to send the approval to an external user using a valid email address; enter those in the ‘Send To External User’ field as shown in #3 below.
User Type
Internal
External
Roles: Admin or ‘Approver’ attached to the role
We have audit logs to show WHO did the suppress / emails capture
Content
To suppress a problem, click the checkbox to select and then tap the Problems Suppress icon.
You will be prompted to enter additional details before suppressing the problem.
You can choose to either Self Approve or choose Other User
Selecting the Self Approve options requires a Comment, Start Date, and End Date.
You will be prompted to choose a User Type when using the system provided by Other User. You can either select Internal User or External User.
If you choose Internal User, you will see a drop-down list from which you can select the specific Internal User who will receive the email notification for this impression.
On the other hand, if you choose External User, you must enter the email addresses separated by commas of those who will receive the approval email.
Problems Suppressed Records
Tap here to view historical data for any vulnerabilities marked as suppressed; this includes the Problem Name, Reason, Suppression Request Sent Time, Suppression Status, Suppressed On, and Suppressed Till fields.
Jobs
Tap to view Scan Job(s) historical data, which includes Created, Scan Type, Agent Name, Job Status, and Description.
Alerts
Tap to view the System Events, timeline-style alerts.
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login