The Criticality & Vulnerability visualization is displayed under the Workspace.
Description:
Use the Criticality & Vulnerability visualization to view a roll-up of your vulnerability scan results.
Field
Description
Notes
Title
Name of the vulnerability as defined by iSight (at this time).
CVE/CVE Count
Vulnerability as assigned by iSight using the National Vulnerability Database (NVD) convention. This CVE count is expected to match customer scan information against the vendor/product pair (via Sprint 15), using synthetic messes scan information.
Vendor
Vendor of the identified vulnerable software/system as defined by customer scan information (Nessus or Qualys)
Product
The product associated with the Vendor.
Labor Effort
A customer input that assigns a low, medium or high selection.
Patch Difficulty
A customer input that assigns a low, medium or high selection.
Vulnerable Hosts
The count of the number of vulnerable hosts as identified by vulnerability scanning from Customer scan information (Nessus or Qualys). (Sprint 15)
Initial Estimate
A customer input that assigns a value to the vendor and product pair in order to close the
Exploitability
The National Vulnerability Database Exploitability category assignment to the given CVE.
Anticipated Risk Level
A Customer input that assigns a low, medium or high rating.