Versions Compared
compared with
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Criticality & Vulnerability
The Criticality & Vulnerability visualization is displayed under the Workspace.
Description:
Use the Criticality & Vulnerability visualization to view a roll-up of your vulnerability scan results.
Field | Description | Notes | |
---|---|---|---|
Title | Name of the vulnerability as defined by iSight (at this time). | ||
CVE/CVE Count | Vulnerability as assigned by iSight using the National Vulnerability Database (NVD) convention. This CVE count is expected to match customer scan information against the vendor/product pair (via Sprint 15), using synthetic Nessus scan information. | ||
Vendor | Vendor of the identified vulnerable software/system as defined by customer scan information (Nessus or Qualys) | ||
Product | The product associated with the Vendor. | ||
Labor Effort | A customer input that assigns a low, medium or high selection. | ||
Patch Difficulty | A customer input that assigns a low, medium or high selection. | ||
Vulnerable Hosts | The count of the number of vulnerable hosts as identified by vulnerability scanning from Customer scan information (Nessus or Qualys). (Sprint 15) | ||
Initial Estimate | A customer input that assigns a cost/value to patching a vulnerability based on the vulnerability/CVE using an FTE count and annual cost. | ||
Exploitability | The National Vulnerability Database Exploitability category assignment to the given CVE. | ||
Anticipated Risk Level | A Customer input that assigns a low, medium or high selection. | ||
Panel |
---|
Related Documentation:
|