Global Problems
- Ryan Seymour
What are Global Problems?
In short, these are the vulnerabilities and problems that the ConnectSecure scan agent(s) have discovered. Problems are automatically categorized into Problem Category groups to help us understand and communicate the type of vulnerabilities we find.
Global Problems - Table of Contents
- 1 Global Problems - Overview
- 2 Global Problem Category Name - Glossary of Terms
- 3 Global Problem Details - Overview
- 4 Global Problems - Details
- 4.1 Problem Name
- 4.2 Description
- 4.3 Assets
- 4.4 Severity
- 4.5 ConnectSecure Score
- 4.6 NVD Scores
- 4.7 Companies
- 4.8 Suppressed Records
- 4.9 Auto Suppressed
- 5 Global Problem View Switching - Global to Company
- 6 Global Problems - Action Toolbar Actions
- 7 Need Support?
Global Problems - Overview
Problems are the automatic groups discovered vulnerabilities will go into instead of just the traditional lists that include the CVE and severity. We are trying to make it easier to identify the type of vulnerabilities and group them for easier reporting and remediation.
The Problems screen automatically describes the Problem Category Names and counts for each Problem Category.
Global Problem Category Name - Glossary of Terms
The system automatically classifies discovered vulnerabilities into the specific Problem Category Names in the table below.
Problem Category | Description |
|---|---|
All Vulnerabilities | Displays all discovered vulnerabilities for all categories |
Critical Severity Vulnerabilities | Displays critical-severity vulnerabilities only |
High Severity Vulnerabilities | Displays high-severity vulnerabilities only |
Medium Severity Vulnerabilities | Displays medium-severity vulnerabilities only |
Low Severity Vulnerabilities | Displays low-severity vulnerabilities only |
SMB Vulnerabilities | Displays the SMB protocol-related vulnerabilities |
SSL/TLS Vulnerabilities | Displays the SSL?TLS cipher/certificate-based vulnerabilities |
Remote Login Vulnerabilities | Displays the remote login-based vulnerabilities |
CISA Notified Vulnerabilities | Displays the CISA-classified vulnerabilities |
EPSS >= 0.95 | Displays the vulnerabilities where the EPSS score is greater than or equal to 95% |
EPSS Between 0.90 & 0.95 | Displays the vulnerabilities where the EPSS score is between .90 and .95% |
EPSS Between 0.90 & 0.85 | Displays the vulnerabilities where the EPSS score is between .90 and .85% |
Informational | Displays the vulnerabilities where the category is informational only; these do not carry a CVE or impact the risk score or asset scoring of the company |
Global Problem Details - Overview
This screen gives detailed information about the Problems. It lets you quickly sort and filter the data based on the Problem Category categories.
Switch between the Prob
Global Problems - Details
Problem Name
This includes the unique CVE-ID or description of the vulnerability.
Click on the CVE-ID or Problem Name value to be directed to the source.
Example from above: https://nvd.nist.gov/vuln/detail/CVE-2012-3807
Description
Includes the description of the vulnerability.
Assets
Displays the count of Assets affected by the vulnerability.
Click on the number count to see the asset's IP, Host Name, Importance, and Company Name.
Severity
Displays the Severity category for the selected vulnerability.
ConnectSecure Score
This is used for End-of-Life scoring, which will be displayed as a 10 since security updates are no longer provided to the EOL software.
Otherwise, the ConnectSecure Score will simply be the same as the NVD Base Score (for any non EOL)
NVD Scores
Displays scores based on the vulnerability, including Base, Impact, and Exploitability from the National Vulnerability Database (NVD).
Companies
Displays the number of companies affected by the vulnerability.
Click on the number count to see assets by Company and Count.
Click on the number count to see asset IP, Host Name, Importance, and Company Name.
Clicking the asset IP will take you to the Asset Details view.
Suppressed Records
Tap here to view any Approved, Open, or Closed-out problems marked for suppression.
NOTE: If you suppress a single CVE-ID, it will also suppress any related or superseded CVE-IDs that are related, and these will show up in the Suppressed Records area.
Auto Suppressed
These problems have been automatically suppressed based on your Suppress Vulnerabilities Days settings, which are available at both company and global levels.
Global Settings | Suppress Vulnerabilities Days
Company Settings | Suppress Vulnerabilities Days
Global Problem View Switching - Global to Company
We have simplified switching between Global Problems and Company Problems by changing the Company value in the top-right corner of the drop-down menu. Select any company, and the list will automatically update with filtered information.
Global Problems - Action Toolbar Actions
The action toolbar contains the Jobs, Alerts, Info, and Help Link options.
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login