Vulnerability list

The vulnerability list displays all the vulnerabilities in your system from all the different sources – be it infrastructure, application security or others. This is your single pane of glass for viewing, managing and remediating vulnerabilities.

Vulnerability risk status

The platform divides the vulnerabilities in it to four risk statuses, compatible with the vulnerability remediation lifecycle:

• “Vulnerable” – vulnerabilities which represent risk to your organization. These can be pending or in progress.
• “Fixed” vulnerabilities – vulnerabilities that their resolution was validated by a scan and were found to be remediated.
• “Ignored” – vulnerabilities whose the user had accepted their risk or had chosen to “snooze” remediation activities related to them for a certain period of time.

The user can view the vulnerabilities filtered by their risk statys by clicking the relevant tab or choose to view all vulnerabilities by choosing the “All” tab.

Each vulnerability ingested to the Vulcan Platform is being enriched with assets and business-related data, consumed from connectors feeding the Vulcan platform (Cloud repositories, CMDBs, Agent-based platforms, Etc.) as well as threat intelligence (exploits, running campaigns, threat types) and remediation intelligence (patches, configuration changes, workarounds and compensating controls). 

Table

The vulnerabilities are displayed in a table with the following fields:

• Name – the vulnerability’s name as ingested from the source scanner
• Risk – the assigned risk Vulcan’s risk algorithm calculated for the vulnerability
• Source – the vulnerabilities source scanner
• Discovery time – first known appearance of the vulnerability in the system
• Status – The vulnerability’s status
• Assets – number and type of assets vulnerable to this vulnerability
• Threats – The threat intelligence that exists for this vulnerability in the wild – exploits, malware, OWASP Top 10 and more.
• Business Groups – The Business Groups (see below) that the vulnerable assets belong to

Business groups

By clicking on the Business Group dropdown menu, and choosing a specific business group of the list, the vulnerability table will filter and show only vulnerabilities of the specific business group chosen, as well as the business associated risk.

Search bar

The search bar allows the user to build custom searches, based on different fields in the table, associated with the vulnerabilities, which will filter the vulnerability table accordingly. The user builds the search simply by clicking the search bar and choosing the parameter or parameters to search on.  

In addition to the free text search, the following parameters are filterable in the Vulnerability list:

• Risk level
• Vulnerability source
• Threats
• CVSS
• OS and version
• Discovery time
• Asset source
• Qualys ID (QID)
• CVE
• SCCM patchable
• Status
• Tags
• Excluded tags

Saved searches

Create a new Saved Search

To create a new Saved Search, follow these steps:

1. Use the search bar to filter the vulnerability list by your desired criteria.
2. Click “Save”.
3. Give your new Saved Search a meaningful name.
4. Click “Save”.

Edit an existing Saved Search

To edit an existing Saved Search, follow these steps:

1. Click the Saved Searches dropdown menu.
2. Find the Saved Search you want to edit.
3. Click the pencil icon.
4. Edit the Saved Search’s name.
5. Click “Save”.

Delete a Saved Search

To Delete an existing Saved Search, follow these steps:

1. Click the Saved Searches dropdown menu.
2. Find the Saved Search you want to edit.
3. Click the trashcan icon.
4. Click “Delete”.

Export

To export the vulnerability list to CVS, click the “Export” button. Note: the exported file will contain the vulnerabilities currently shown in the list, depending on the applied filter. To export all the vulnerabilities in your system, simply remove any filters from the search bar and click “Export”.