Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 20 Next »

What are Company Problems?

In short, these are the vulnerabilities that the ConnectSecure scan agent(s) has discovered. Vulnerabilities are automatically categorized into Problem Groups to help us understand and communicate what type of vulnerabilities we are discovering.

image-20240506-183102.png

Company Problems - Table of Contents


Company Problems - Overview

This is your view of Problem Groups associated with Affected Assets for the selected company, including Suppressed Records.

Problems are the automatic groups discovered vulnerabilities will go into instead of just the traditional lists that include the CVE and severity. We are trying to make it easier to identify the type of vulnerabilities and group them for easier reporting and remediation.

Problem Groups

image-20240410-190614.png

As part of the V4 release, we have designed a new screen that provides a fresh view of what we call 'Problem Groups.' With this new screen, the system will automatically classify your vulnerabilities into logical groups, making it easier for you to remediate them. It will also help you generate accurate reports catering to your specific needs. See the details below for the full listing.

Problem Group Categories:

  • All Vulnerabilities

  • Critical Vulnerabilities

  • High Severity Vulnerabilities

  • Medium Severity Vulnerabilities

  • Low Severity Vulnerabilities

  • SMB Vulnerabilities

  • SSL/TLS Vulnerabilities

  • Remote Login Vulnerabilities

  • CISA Notified Vulnerabilities

  • EPSS >= 0.95

  • 0.95 > EPSS >= 0.90

  • 0.90 > EPSS >= 0.85

  • Database Vulnerabilities

  • Informational


Affected Assets

image-20240506-183353.png

View the Affected Assets for the selected company. The number of assets will be displayed in the title bar. Tap the asset IP to view details.

image-20240506-183630.png

You will see the Asset details and immediately be filtered down to the Problems section, with the Problem Group shown based on the selection from the previous click-throughs.


Suppressed Records

Suppressed Records can include any of the vulnerabilities identified by our problem groups, including application, OS, network scan, and external vulnerabilities.

image-20240506-183424.png

Tap here to view the suppressed vulnerabilities for the selected company.

Unsuppress

From the three-dot action menu, select ‘Unsuppress’ to bring a Problem back as Active.

image-20240506-183913.pngimage-20240506-183928.png

Company Problem - Group Name Glossary of Terms

The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.

Problem Group Name

Description / Use Case

0.90 > EPSS >= 0.85

Vulnerabilities grouped by EPSS Scoring >=90/95%

0.85 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=85/90%

0.95 > EPSS >= 0.90

Vulnerabilities grouped by EPSS Scoring >=90/95%

CISA Notified Vulnerabilities

Vulnerabilities grouped by CISA classification; source CISA.GOV

Critical Vulnerabilities

Vulnerabilities grouped by severity of Critical

EPSS >= 0.95

Vulnerabilities grouped by EPSS Scoring >=95%

High Severity Vulnerabilities

Vulnerabilities grouped by severity of High

Informational

 Vulnerabilities grouped by category of Info Only

Low Severity Vulnerabilities

Vulnerabilities grouped by severity of Low

Medium Severity Vulnerabilities

Vulnerabilities grouped by severity of Medium

Remote Access Vulnerabilities

Vulnerabilities grouped by category of Remote Access

Remote Login Vulnerabilities

Vulnerabilities grouped by category of Remote Login

SMB Vulnerabilities

Vulnerabilities grouped by category of SMB

SSL Certificate Info

Vulnerabilities grouped by category of Certificates

SSL/TLS Vulnerabilities

 Vulnerabilities grouped by category of SSL/TLS


Company Problems - Action Toolbar Overview

image-20240422-194946.png

Company Problems - Action Toolbar Actions

Integration Action

Please select at least one record from Problems to use an existing integration.

If no integration is configured, you will get the following error: Integration not configured!

image-20240506-195425.png

This will give you a Short or Long Description option to use an Integration Action with.

Long Description = Host Name, Fix URL, Uninstall Path, Vulnerabilities Count, Source, Version

Short Description = Host Name, Fix URL, Uninstall Path, and Version

Actions vary based on the configuration of the integration you are using. These will include the Create, Update, and Close Ticket options.

image-20240506-195827.png

Select your Integration Profile, then tap Next to continue. Confirm the settings being used for the action, and then tap the Submit button to send it.

image-20240506-200814.png

Jobs

Tap to view Scan Job(s) historical data.

image-20240410-191652.png

Alerts

Set a date range to view the System Events and asset timeline.

image-20240410-191712.png

Info

Tap to view the Getting Started wizard; see the link below for additional information.

V4 Getting Started In App Info


Tap to view the corresponding Company Problems KB.


Company Problems - Suppression

You have an option to mark any discovered Problem as Suppressed. Doing so will move the Problem to the Suppressed Records section.

image-20240422-200213.png

How To: Suppress a Problem

  1. Select a Problem Name record or multiples using the checkboxes, then tap the Global Actions > Suppress button.

image-20240422-200506.png

NOTE: Suppression of any Problem will require approval and a reason.

Approval Process - Self Approve (requires Admin or Approver permissions)

Using this option, you must enter your Suppression Comments and the date options, which include permanent or a start/end date range.

image-20240422-200828.png

Approval Process - Other User

User Type = Internal User

Using this option, you must choose from the drop-down of available Internal Users (in User Management) with Admin or Approver permissions, along with the required comments and date parameters.

image-20240422-201134.png

User Type = External User

Using this option, you must enter the email address into the external user column, along with the required comments and date parameters.

image-20240422-201228.png

Enter comma-separate emails for more than one.


How To: Suppress Problems

CS-How-To.png

How To: Unsuppress Problems

Using a global action option, you can unsuppress a previously suppressed Problem either one record at a time or in mass.

CS-How-To.png

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png
  • No labels