Page Overview

The Vulnerabilities Page displays all the vulnerabilities in your organization ingested from the connectors. The Vulnerabilities page is your main pane of glass for viewing, managing, and taking action on vulnerabilities. The page contains three primary tabs:

Unique Vulnerabilities

The Vulcan Platform divides the vulnerabilities into three risk statuses compatible with the vulnerability remediation lifecycle.

“Vulnerable”: Vulnerabilities which represent a risk to your organization. These vulnerabilities can be in one of two statuses:
- Vulnerable: There is no remediation campaign opened for this Vulnerability.
- In Progress: Vulnerability is associated with a remediation campaign.
“Fixed”: Vulnerabilities that their resolution was validated by a connected scanner and was found to be remediated.
“Ignored”: Vulnerabilities the user had accepted their risk or had chosen to “snooze” remediation activities related to them for a specific time.

The user can view the vulnerabilities filtered by their risk status by clicking the relevant tab.

Each Vulnerability ingested to the Vulcan Platform is enriched with the following:

Assets and business-related data
Business-context-oriented risk calculation
Integrated connectors feeding the Vulcan platform (Cloud repositories, CMDBs, TI, Agent-based platforms, Etc.)
Threat intelligence (exploits, running campaigns, threat types) and remediation intelligence.

Reviewing Vulnerabilities

Unique Vulnerabilities are displayed in a primary table form that allows you to:

Review basic vulnerability information at a glance
Review vulnerabilities by Risk Severity
Reorganize columns with a simple Drag and Drop
Hover over data for more info
Review Vulnerability Details

Filtering Vulnerabilities

You can use the Magic Search bar and filter to present the vulnerabilities you are interested in.

Apply several filtering criteria to narrow down the search results.
Save filtering criteria to quickly re-apply the search when needed.

Vulnerability filters and table columns

Glancing at vulnerabilities' essential details and filtering vulnerabilities have never been easier. Apply filters to narrow down the vulnerability list and focus your search.

Available table columns and info

Available search filters

Name – the Vulnerability’s name as ingested from the source scanner
Max Risk – the maximum risk that Vulcan’s risk algorithm calculated for the Vulnerability across all the assets with this Vulnerability
Min Risk – the minimum risk that Vulcan’s risk algorithm calculated for the Vulnerability across all the assets with this Vulnerability
Source – the vulnerabilities source scanner
First Seen – first known appearance of the Vulnerability in the system
Last Seen – last time, this Vulnerability was confirmed to still be active in the system
Assets – number and type of assets vulnerable to this Vulnerability
SLA – number of SLAs currently being breached
Business Groups – The Business Groups the vulnerable assets belong to
Threat Tags - Threat tags attached to the Vulnerability

Business Group
Above SPR Threshold
Asset Name
Asset source
Base Image
Connector
CVE
CVSS Score
Excluded tags
First Seen (days ago)
HackerOne Assigned To
Has Fix Type
OS
OS and version
Qualys ID (QID)
Risk level
SLA Status
Status
Tags
Threats
Time to SLA (days)
Vuln. Tags
Vulnerability source
Vulnerability type

Reviewing Vulnerability Details

Learn all about the information presented in Vulnerability Details.

Reading Vulnerability Threat Tags

Learn about Vulnerability Threat Tags in the Vulcan Platform

Exporting Vulnerabilities

Learn all about exporting Assets and Vulnerabilities.

Creating Vulnerability Tags

Learn how to add metadata information to vulnerabilities for your use.

Taking Action on a Vulnerability

Learn how to Take Action on Vulnerability

Vulnerability Details

BlackDuck Connector (new revision)

Microsoft Defender Vulnerability Management Connector

Assets Page

Understanding Vulnerability Risk