Overview


Purpose and use cases

The purpose of this feature is to provide you with a way to create and attach custom-made tags on vulnerabilities and use them for search and automation purposes. You can add risk impact, priorities, and vulnerability-metadata information on top of the existing vulnerabilities-instances. The bottom line, you get to decide what to do with the tags and how they serve you. Here are some usage examples:

  • Add vulnerability tracking information such as owner, status, patching tool to be used, etc.​

  • Flag “hot” vulnerabilities​

  • Mark vulnerabilities as “Read” or ”Reviewed”

  • Create a TODO list​ based on tags

  • Mark vulnerabilities to be focused on for a Patch-Tuesday

  • Enrich meta info on vulnerabilities by adding details to a specific vulnerability, such as "High maturity exploit"

  • Mark Vulnerabilities as "vulnerabilities to ignore" (but not on the instance level)

  • Use your Vulnerability tags to assign and prioritize vulnerabilities to teams (manually or automated)

  • Search/filter by your own custom Vulnerability Tags

  • Use for API queries


Create/Attach Vulnerability Tags

There are 2 ways to create a Vulnerability Tag:

Create and attach Vulnerability Tag by selecting vulnerabilities first

  1. Go to the Vulnerabilities page

  2. Select the vulnerabilities for which you want to create a tag

  3. Click on the Tag icon

  4. Select from the existing Vuln. Tag list or click to Create a new tag (Insert a tag name, description if relevant, and color)

  5. Click Create, then Apply.

Create a tag for future use

  1. Go to the Vulnerabilities page

  2. Click on the Tag icon

  3. Click Create a new tag

  4. Insert a tag name, description (optional), and color.
    Note: The description appears upon a mouse hover. This is why we recommend you insert a meaningful indicative description to help other team members understand the purpose of the tag.

  5. Click Create, then Close (or create another tag).


Detach Vulnerability Tags

To detach a vulnerability tag:

  1. Go to the Vulnerabilities page

  2. Select a vulnerability or more that have Vulnerability tags

  3. Click the Tag icon

  4. Detach the tags by unselecting them

  5. Click Apply

    Note: To detach a Vulnerability Tag from several vulnerabilities, you must select only vulnerabilities that have the intended tag in common.


Search/filter by your own custom Vulnerability Tags

You can search for / filter by your own Vulnerability Tags:

  1. Go to the Vulnerabilities page

  2. In the "Search or filter vulnerabilities" field, scroll down to Vuln. Tags (or type it in the search)

  3. Select the relevant tag from the list to view the results


Use Vulnerability Tags to create automation (Playbook)

Since Vulnerability Tags are basically a meta-data element, you can use them as a condition in any kind of automation you create.

Here is an example:


Expected behavior explained

Viewing common vulnerability tags

When selecting several Vulnerabilities and then clicking on the Tag icon, the tag selection field is automatically populated with only the common tags among all selected vulnerabilities. This means that if you select a bunch of vulnerabilities that at least one of them doesn't have a common tag with the rest, the tag selection field won't be populated with any tags.

See it in action:

Attaching a Vulnerability Tag to several vulnerabilities

If you select several vulnerabilities to attach a tag to, and some of them already have the intended tag, then the system adds the tag only to the vulnerabilities that don't already have it.

See it in action:


Known Limitations

This is a Beta version. Therefore, we would like to share with you the following known temporary limitations. The below should be resolved in future releases.

  • You cannot edit the description of a tag - but you can always create a new tag with a better description if needed.

  • You cannot delete tags - you can only detach tags from vulnerabilities.

  • New endpoints for using the Vulnerability Tags via API will be released soon.

Did this answer your question?