Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Overview

Use the Criticality & Vulnerability visualization to view a roll-up of your vulnerability scan results.

Some of the visualizations that ship with Information Security Analytics require additional data processing jobs to be executed from the platform. An IKANOW resource will be required to execute these map reduce jobs before your data will appear in the visualizations.

About Criticality & Vulnerability

The Criticality & Vulnerability visualization connects to your open source/commercial threat intelligence feeds, as well as your organization's asset database, in order to display detected CVE's (common vulnerabilities and exposures) and IOC's (indicator of compromise).  The visualization rolls up this critical information in one convenient location, and enables threat response management, including level of effort assignment, patch difficulty and cost estimates.

 

 

 

Using the Criticality & Vulnerability Visualization

Preparing to use the Criticality & Vulnerability visualization is a multi-step procedure.  First you must connect IKANOW ISA to your asset database and threat intelligence feeds using the Advanced Source Builder.  Once, the sources have been successfully tested and published an additional MR (map reduce) job is required to perform correlation.  An IKANOW resource can be allocated to create the necessary MR job.  Once the data from your asset database and the threat intelligence feeds have been co-related, you can use the visualization to perform threat response management.

Threat Response Management

Once the necessary data has been co-related, the detected CVE's and IOC's are displayed in the Vulnerability Table.  

The following activities can be performed from the vulnerability table:

  • Assign Level of Effort and Patch Difficulty
  • Manage Cost Estimation
  • Assign Anticipated Risk Level

Level of Effort

It is important to categorize CVEs by level of effort, to manage time and resources optimally.

To assign level of effort

  1. From the visualization, scroll to the CVE of interest
  2. Use the dropdown to assign Level of Effort (Low, Medium, High).

Once you have organized your CVE's using Level of Effort you can use this assignment to filter the list of CVE's accordingly.

Patch Difficulty

You can categorize CVEs by Patch Difficulty, to manage time and resources optimally.

To assign Patch Difficulty

  1. From the visualization, scroll to the CVE of interest.
  2. Use the dropdown to assign Patch Difficulty (Low, Medium, High).

Once you have organized your CVE's using Patch Difficulty you can use this assignment to filter the list of CVE's accordingly.

Cost Estimates

todo

Anticipated Risk Level

todo

 

 

 

Related Documentation:

Criticality & Vulnerability Interface

 

  • No labels