Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

This is your view of all vulnerabilities for the selected company. This includes the application, operating system, registry, and network-based vulnerabilities in one spot.

image-20240403-201947.png

Vulnerabilities are grouped by our Problem Group Names automatically, based on their classification(s).

image-20240403-202244.png

Company Vulnerabilities - Table of Contents

Company Vulnerabilities - Overview

The data is organized and can be sorted from the Problem Group Name pod. This includes the following:

  1. Problem Count

  2. Asset Count

image-20240202-214952.png

Once you have selected one of the Problem Group options from the left panel, you will see the Problem Details pod on the right side of the screen display the details, which include the Problem Name, Description, Assets, Score, and Severity data.

image-20240202-215126.png

Tap on the CVE-ID in the Problem Name field to see the NIST/NVD source reference.

image-20240202-215253.pngimage-20240202-215553.png

Company Vulnerabilities - Details

Problem Group Name

The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.

Problem Group Name

Description / Use Case

0.85 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=85/90%

0.90 > EPSS >= 0.85

Vulnerabilities grouped by EPSS Scoring >=90/95%

0.95 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=90/95%

Antivirus Not Installed

Antivirus is not installed on the Asset

Backup Not Performed

Backup Agent is not installed on the Asset

CISA Notified Vulnerabilities

Vulnerabilities grouped by CISA classification; source CISA.GOV

Critical Vulnerabilities

Vulnerabilities grouped by severity of Critical

Database Vulnerabilities

Vulnerabilities grouped by classification of database

EPSS >= 0.95

Vulnerabilities grouped by EPSS Scoring >=95%

Firewall Misconfiguration

Vulnerabilities grouped by classification of firewall misconfigure

High Severity Vulnerabilities

Vulnerabilities grouped by severity of High

Information Disclosure

Vulnerabilities grouped by classification of information disclosure

Informational

This information captured is for information purpose

Low Severity Vulnerabilities

Vulnerabilities grouped by severity of Low

Mail Vulnerabilities

Vulnerabilities grouped by classification of e-mail

Medium Severity Vulnerabilities

Vulnerabilities grouped by severity of Medium

Operating System out of Support

The operating system has reached the End Of its Support

Remote Access Vulnerabilities

Vulnerabilities grouped by classification of remote access

Remote Login Vulnerabilities

Vulnerabilities grouped by classification of remote login

Running Services

Vulnerabilities grouped by classification of running services

SMB Vulnerabilities

Vulnerabilities related to SMB

SSL Certificate Info

SSL Certificate information

SSL/TLS Vulnerabilities

SSL/TLS-related Vulnerabilities

Web Server Fingerprint

Vulnerabilities grouped by classification of web server fingerprint

Problem Details

This screen gives detailed information about the selected Problem Group Name vulnerabilities. It includes the Problem Name, Description, Scoring Data, Assets count, and Companies affected.

image-20240202-215813.png

Field

Description

Problem Name

Displays the unique CVE-ID or alike based on the vulnerability

Description

Displays the full description with details about the discovered vulneability

Assets

Displays the number of assets; click to view additional details

Score

Displays the Base Score, EPSS Score, Exploitability Score, and Impact Score values based on the selected CVE-ID

Severity

Displays the severity of the selected vulnerability

Problem Name

This includes the unique CVE-ID or vulnerability description, with a link to the threat source.

image-20240202-215837.png

Click on the CVE-ID value to be directed to the source.

(IE: https://nvd.nist.gov/vuln/detail/CVE-2020-15530)

image-20240202-215911.png

Description

Includes the full description of the vulnerability.

image-20240202-215947.png

Assets

Displays the number of assets associated with the selected vulnerability.

image-20240202-220014.png

Score

Displays scores based on the vulnerability, including Base Score, EPSS Score, Exploitability Score, and Impact Score details.

image-20240202-220045.png

Severity

The selected vulnerability's severity is displayed and categorized as Critical, High, Medium, or Low.

image-20240202-220111.png

Company Vulnerabilities - Toolbar Actions

The action toolbar options include Vulnerability Suppress, Suppressed Records, Asset Scans, Jobs, and Alerts.

Vulnerability Suppress

First, select at least one of the CVE-IDs from the Problem Details and Problem Name records, then tap the Vulnerability Suppress icon to suppress.

image-20240403-202738.png

Complete the required fields for Suppress Problems, then tap Save to complete.

image-20240202-220448.png

Suppressed Records

Tap this button to access suppressed records of the selected company.

image-20240403-203022.pngimage-20240403-202848.png

Alerts

Tap to view the System Events, in timeline-style format.

image-20240202-220918.png

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png
  • No labels