Criticality & Vulnerability
The Criticality & Vulnerability visualization is displayed under the Workspace.
Description:
Use the Criticality & Vulnerability visualization to view a roll-up of your vulnerability scan results.
| Field | Description | Notes |
|---|---|---|
| Title | Name of the vulnerability as defined by iSight (at this time). | |
| CVE | Vulnerability as assigned by iSight via using the National Vulnerability Database (NVD) convention. This CVE count is expected to match customer scan information against the vendor/product pair (via Sprint 15), using synthetic messes scan information. | |
Vendor | Vendor of the identified vulnerable software/system .as defined by customer scan information (nessus or quals) | |
| Product | The product associated with the Vendor. | |
| Labor Effort | A customer input that assigns a low, medium or high selection. | |
| Patch Difficulty | A customer input that assigns a low, medium or high selection. | |
| Vulnerable Hosts | The count of the number of vulnerable hosts as identified by vulnerability scanning like from Customer scan information (Nessus or Qualys). | |
| Initial Estimate | A customer input that assigns a value to the vendor and product pair in order to close the | |
| Exploitability | The National Vulnerability Database exploitability category assigned to the given CVE, | |
| Anticipated Risk Level | A Customer input that assigning assigns a low, medium or high rating. | |
| Panel |
|---|
Related Documentation:
|