Purpose and use cases
The purpose of this feature is to provide you with a way to create and attach custom-made tags on vulnerabilities and use them for search and automation purposes. You can add risk impact, priorities, and vulnerability-metadata information on top of the existing vulnerabilities-instances. The bottom line, you get to decide what to do with the tags and how they serve you. Here are some usage examples:
Add vulnerability tracking information such as owner, status, patching tool to be used, etc.
Flag “hot” vulnerabilities
Mark vulnerabilities as “Read” or ”Reviewed”
Create a TODO list based on tags
Mark vulnerabilities to be focused on for a Patch-Tuesday
Enrich meta info on vulnerabilities by adding details to a specific vulnerability, such as "High maturity exploit"
Mark Vulnerabilities as "vulnerabilities to ignore" (but not on the instance level)
Use your Vulnerability tags to assign and prioritize vulnerabilities to teams (manually or automated)
Search/filter by your own custom Vulnerability Tags
Use for API queries
Create/Attach Vulnerability Tags
There are 2 ways to create a Vulnerability Tag:
or
Create and attach Vulnerability Tag by selecting vulnerabilities first
Go to the Vulnerabilities page
Select the vulnerabilities for which you want to create a tag
Click on the Tag icon
Select from the existing Vuln. Tag list or click to Create a new tag (Insert a tag name, description if relevant, and color)
Click Create, then Apply.
Create a tag for future use
Go to the Vulnerabilities page
Click on the Tag icon
Click Create a new tag
Insert a tag name, description (optional), and color.
Note: The description appears upon a mouse hover. This is why we recommend you insert a meaningful indicative description to help other team members understand the purpose of the tag.Click Create, then Close (or create another tag).
Detach Vulnerability Tags
To detach a vulnerability tag:
Go to the Vulnerabilities page
Select a vulnerability or more that have Vulnerability tags
Click the Tag icon
Detach the tags by unselecting them
Click Apply
Note: To detach a Vulnerability Tag from several vulnerabilities, you must select only vulnerabilities that have the intended tag in common.
Search/filter by your own custom Vulnerability Tags
You can search for / filter by your own Vulnerability Tags:
Go to the Vulnerabilities page
In the "Search or filter vulnerabilities" field, scroll down to Vuln. Tags (or type it in the search)
Select the relevant tag from the list to view the results
Use Vulnerability Tags to create automation (Playbook)
Since Vulnerability Tags are basically a meta-data element, you can use them as a condition in any kind of automation you create.
Here is an example:
Expected behavior explained
Viewing common vulnerability tags
When selecting several Vulnerabilities and then clicking on the Tag icon, the tag selection field is automatically populated with only the common tags among all selected vulnerabilities. This means that if you select a bunch of vulnerabilities that at least one of them doesn't have a common tag with the rest, the tag selection field won't be populated with any tags.
See it in action:
Attaching a Vulnerability Tag to several vulnerabilities
If you select several vulnerabilities to attach a tag to, and some of them already have the intended tag, then the system adds the tag only to the vulnerabilities that don't already have it.
See it in action:
Known Limitations
This is a Beta version. Therefore, we would like to share with you the following known temporary limitations. The below should be resolved in future releases.
You cannot edit the description of a tag - but you can always create a new tag with a better description if needed.
You cannot delete tags - you can only detach tags from vulnerabilities.
New endpoints for using the Vulnerability Tags via API will be released soon.