0
30.0.1
Zurich, Yokohama, Xanadu
Note:
- Versions 30.0.X are part of the Innovation Lab (Early Access) release for Unified Security Exposure Management (USEM). These versions are intended for sub-production environments and a limited number of selected customers participating in the USEM Innovation Lab program.
- Upgrade Guidance: If you're not part of the USEM Innovation Lab program and want to upgrade without USEM, please select the latest GA version below 30.x.
Vulnerability Emergency Response is a comprehensive solution for proactive vulnerability management and crisis response. In a single workspace, it offers, standalone assessments for a single CVE and vulnerable product versions, while the newly introduced Vulnerability Crisis Management Workflow enables you to efficiently handle vulnerability crisis events from end-to-end. This workflow includes holistic exposure assessment to identify vulnerable Configuration Items, vulnerable item creation, and crisis declaration with major security incident management enabling cross-team engagement, collaboration, coordination and reporting for rapid response.
- Vulnerability Assessment Workspace for Vulnerability Event Managers to proactively manage critical vulnerabilities.
- Exposure Assessment
- Assess organization exposure for a single CVE or vulnerable product version.
- Accurate assessments with the normalized inventory of Software Asset Management.
- Automatic assessments of CISA, KEV, CVEs or CPEs
- Vulnerability Crisis Management - A complete workflow to handle vulnerability crisis events with the following capabilities.
- Efficiently identify vulnerable CIs by correlating critical vulnerabilities with software installations inventory (SAM), Software Bill of Materials Inventory (SBOM), scanner-reported vulnerabilities and CMDB.
- Generate vulnerable items for remediation based on assessment results, streamlining the remediation process.
- Initiate a major security incident response, ensuring swift and coordinated action.
- Engage and collaborate with teams across the organization, facilitating a unified response to vulnerabilities.
- Provide regular status reports to affected teams, partner teams, and leadership, maintaining transparency throughout the crisis.
Changed:
- Adopted modularized calculator for vulnerability assessments.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable