A vulnerabilityA known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. is a weakness in your system, which reduces your system's information assurance. USM Anywhere helps you to define, identify, classify, and prioritize the vulnerabilities in your system.
USM Anywhere provides a centralized view of your vulnerabilities. Navigate to ENVIRONMENT > VULNERABILITIES.
The vulnerabilities page displays information on vulnerabilities. On the left you can find the search and filters options. Across the top, you can see any filters you have applied, and you have the option to create and select different views of the vulnerabilities. The main part of the page is the actual list of vulnerabilities. Each row describes an individual vulnerability.
If you want to analyze the data, you can maximize the screen and hide the filter panel. Click the Expanded Filter Panel icon () to hide the filter panel. Click the Collapsed Filter Panel icon () to expand the filter panel.
|Column Field Name||Description|
|Last Seen||Last date on which the vulnerability was seen in the asset. The displayed date depends on your computer's time zone|
|Vulnerability ID||Displays the associated CVEThe CVE system provides a method, using CVE IDs, to reference publicly known information security vulnerability and exposures in publicly released software packages and environments. ID, if it exists|
Displays the name of the vulnerability
|Labels||Label(s) applied to the vulnerability|
|Asset||This is the asset that is vulnerable|
Indicates the severity of the vulnerability. Values are High, Medium, Low, and Under Analysis. See About Vulnerability Severity
|Score||Common Vulnerability Scoring System (CVSSOpen framework for communicating the characteristics and severity of software vulnerabilities that helps to prioritize actions according to their threat.), see Common Vulnerability Scoring System SIG|
|First Seen||Date of the detection of the vulnerability in the asset. The displayed date depends on your computer's time zone|
- Add to current filter. Use this option to add the asset name as a search filter. See Searching Events.
- Find in events. Use this option to execute a search of the asset name in the Events page. See Searching Events.
- Look up in OTXThe world’s first truly open threat intelligence community. Enables collaborative defense with open access, collaborative research, seamless integration with USM Anywhere and USM Appliance, and plugin capabilities for other security products.. This option searches the IP address of the asset in the Open Threat Exchange page. See Using OTX in USM Anywhere.
- Full Details. See Viewing Assets Details for more information.
- Configure Asset. See Editing the Assets for more information.
- Delete Asset. See Deleting the Assets for more information.
- Asset Scan. This option displays or not depending on the sensor associated with the asset. See Running Asset Scans for more information.
- Assign Credentials. See Managing Credentials in USM Anywhere for more information.
- Authenticated ScanAuthenticated scans are performed from inside the machine using a user account with appropriate privileges.. This option displays or not depending on the sensor associated with the asset. See Running Authenticated Asset Scans for more information.
- Configuration IssuesAn identified configuration of software deployed, or features of software in use, which is known to be insecure.. This option goes to the asset
sdetails page. The page will have the Configuration Issues tab selected. See Viewing Assets Details for more information.
- Vulnerabilities. This option goes to the asset
sdetails page. The page will have the Vulnerabilities tab selected. See Viewing Assets Details for more information.
- Alarms. This option goes to the asset
sdetails page. The page will have the Alarms tab selected. See Viewing Assets Details for more information.
- EventsAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall.. This option goes to the asset
sdetails page. The page will have the Events tab selected. See Viewing Assets Details for more information.
You can also sort items by selecting 20, 50, or 100 below the result table.
Click Generate Report to export
Click the star symbol to the left of an item to mark it as a bookmark for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to them.
To create a view configuration
From the Vulnerabilities list view, select the filters you want to apply .
- Click the pull-down menu Save View > Save as.
- Type a name for the view and click Save.
To select a configured view
- From the
Vulnerabilitieslist view, click the View pull-down menu above the filters.
- Click Saved views and select the view you want to see.
- Click Apply.
Vulnerabilities from Assets Main Page
To explore vulnerabilities from assets
- Navigate to Environment > Assets.
- Click the filter Has Vulnerabilities.
Click the blue chevron icon () located next to the asset name you want to explore and select Vulnerabilities.
- Click View on the vulnerability you want to explore.
- (Optional) Click the star symbol to the left of the vulnerability name to mark it for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to it.
The asset details page opens with the list of vulnerabilities.
The More information link opens the Open Threat Exchange platform with the information about the CVE Identifier.