IT security
The Risk Monitor use cases in this section focus on identifying and managing vulnerable applications.
See details about the IT estate's exposure to software vulnerabilities
-
Go to the Vulnerability exposure dashboard and explore the data.
See Vulnerability exposure to learn more about what you can see and do on the dashboard.
Find out if the vulnerability connected to a certain CVE id is present in your IT estate
This can be useful when a new CVE id has been issued and you want to know if your IT estate is exposed to it.
-
On the Vulnerability exposure dashboard, enter the CVE id for the vulnerability into the CVE ID filter.
The dashboard is filtered to show only results for the vulnerability connected to the CVE id. If the vulnerability does not exist in the IT estate, the dashboard will show blank results.
-
Study the key figures, charts, and tables to gain knowledge about the vulnerability. You can, for example, look at:
-
The Vulnerable devices figure to see how many devices are affected by the vulnerability.
-
The table Vulnerability details per application to see details about the vulnerability, such as the severity level, a short description, and the names of the applications containing the vulnerability.
-
The table Vulnerable devices to see all the devices with an application containing the vulnerability.
-
If you want to fix the vulnerability, see the Find links to security updates and patches for a vulnerability section.
Find links to security updates and patches for a vulnerability
You have pinpointed a vulnerability in one of the following tables:
-
Vulnerability details per application on the Vulnerability exposure dashboard.
-
Vulnerability details on the Vulnerability explorer dashboard.
-
In the table, right-click the description for the vulnerability in the Details column and select Drill through > Vulnerability reference.
The Vulnerability reference view is displayed.
-
Select one or more links in the ReferenceURL column to go to web pages providing security updates and patches for the vulnerability.
See all users, devices, or applications that are impacted by a specific vulnerability
-
To see a list of all users impacted by a vulnerability, go to the Users dashboard and enter the CVE identifier number for the vulnerability into the CVE ID filter.
The User details table will list all users with access to devices containing the vulnerability.
For devices and applications, carry out the corresponding action on the Devices and Applications dashboards, respectively. The devices and applications impacted by the vulnerability are listed in the Device details and Application details tables.
You can export the data in the lists to a .csv or .xlsx file by selecting the More options menu in the upper-right corner of the list and then select Export data.
Create an alert for vulnerabilities with a base score of 8 or higher
You will be notified when vulnerabilities with a base score of 8 or higher appear in your IT estate. See Alerting & API for more information on how to use alerts.
-
Follow the instructions for creating an alert and set the following parameters for the criterion in the Condition section:
-
Filter: Base Score
-
Condition: Greater Than or Equal To
-
Value: 8
-
You can of course set any base score range you like, and add more criteria to narrow the target of the alert, for example by using the filter Device Type to focus on critical vulnerabilities for a certain device type, such as servers.
Find all vulnerabilities in your organization that could be exploited remotely via the Internet
-
Go to the Vulnerability explorer dashboard.
-
In the Exploitability Metrics section, select the Attack vector parameter Network.
-
Look at the Vulnerability details table to see all vulnerabilities that meet the criterion.
-
Use for example the data in the Base Score and Published Date columns to identify the most severe and oldest vulnerabilities.
-
Right-click a vulnerability and select Drill through > Vulnerability reference to reach references to online resources for further details of the vulnerability.
-
Find all vulnerabilities in your organization that could lead to severe leakage of protected data if exploited
-
Go to the Vulnerability explorer dashboard.
-
In the Impact Metrics section, select the Confidentiality parameter Complete.
-
Look at the Vulnerability details table to see all vulnerabilities that meet the criterion.
-
Use for example the data in the Base Score and Published Date columns to identify the most severe and oldest vulnerabilities.
-
Right-click a vulnerability and select Drill through > Vulnerability reference to reach references to online resources for further details of the vulnerability.
-