Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Overview
Use the Criticality & Vulnerability visualization to view a roll-up of your vulnerability scan results.
Info |
---|
Some of the visualizations that ship with Information Security Analytics require additional data processing jobs to be executed from the platform. An IKANOW resource will be required to execute these map reduce jobs before your data will appear in the visualizations. |
About Criticality & Vulnerability
The Criticality & Vulnerability visualization connects to your open source/commercial threat intelligence feeds, as well as your organization's asset database, in order to display detected CVE's (common vulnerabilities and exposures) and IOC's (indicator of compromise). The visualization rolls up this critical information in one convenient location, and enables threat response management, including level of effort assignment, patch difficulty and cost estimates.
Gliffy | ||||
---|---|---|---|---|
|
Using the Criticality & Vulnerability Visualization
TODO
Preparing to use the Criticality & Vulnerability visualization is a multi-step procedure. First you must connect IKANOW ISA to your asset database and threat intelligence feeds using the Advanced Source Builder. Once, the sources have been successfully tested and published an additional MR (map reduce) job is required to perform correlation. An IKANOW resource can be allocated to create the necessary MR job. Once the data from your asset database and the threat intelligence feeds have been co-related, you can use the visualization to perform threat response management.
Threat Response Management
Once the necessary data has been co-related, the detected CVE's and IOC's are displayed in the Vulnerability Table.
The following activities can be performed from the vulnerability table:
- Assign Level of Effort and Patch Difficulty
- Manage Cost Estimation
- Assign Anticipated Risk Level
Level of Effort
It is important to categorize CVEs by level of effort, to manage time and resources optimally.
To assign level of effort
- From the visualization, scroll to the CVE of interest
- Use the dropdown to assign Level of Effort (Low, Medium, High).
Once you have organized your CVE's using Level of Effort you can use this assignment to filter the list of CVE's accordingly.
Patch Difficulty
You can categorize CVEs by Patch Difficulty, to manage time and resources optimally.
To assign Patch Difficulty
- From the visualization, scroll to the CVE of interest.
- Use the dropdown to assign Patch Difficulty (Low, Medium, High).
Once you have organized your CVE's using Patch Difficulty you can use this assignment to filter the list of CVE's accordingly.
Cost Estimates
todo
Anticipated Risk Level
todo
Panel |
---|
Related Documentation: |