Note:
This app version is intended for Unified Security Exposure Management (USEM), a significant architectural upgrade to the Vulnerability Response applications.
If you are currently using Vulnerability Response and upgrading to USEM for the first time, you must use the Migration assistant for Unified Security Exposure Management to ensure a safe and successful upgrade. For full details, please refer to the KB2556844 and documentation before proceeding.
If you do not intend to upgrade to USEM, please select a version below 30.x when installing or upgrading.
Vulnerability Emergency Response is a comprehensive solution for proactive vulnerability management and crisis response. In a single workspace, it offers, standalone assessments for a single CVE and vulnerable product versions, while the newly introduced Vulnerability Crisis Management Workflow enables you to efficiently handle vulnerability crisis events from end-to-end. This workflow includes holistic exposure assessment to identify vulnerable Configuration Items, vulnerable item creation, and crisis declaration with major security incident management enabling cross-team engagement, collaboration, coordination and reporting for rapid response.
- Vulnerability Assessment Workspace for Vulnerability Event Managers to proactively manage critical vulnerabilities.
- Exposure Assessment
- Assess organization exposure for a single CVE or vulnerable product version.
- Accurate assessments with the normalized inventory of Software Asset Management.
- Automatic assessments of CISA, KEV, CVEs or CPEs
- Vulnerability Crisis Management - A complete workflow to handle vulnerability crisis events with the following capabilities.
- Efficiently identify vulnerable CIs by correlating critical vulnerabilities with software installations inventory (SAM), Software Bill of Materials Inventory (SBOM), scanner-reported vulnerabilities and CMDB.
- Generate vulnerable items for remediation based on assessment results, streamlining the remediation process.
- Initiate a major security incident response, ensuring swift and coordinated action.
- Engage and collaborate with teams across the organization, facilitating a unified response to vulnerabilities.
- Provide regular status reports to affected teams, partner teams, and leadership, maintaining transparency throughout the crisis.
Changed:
- Adopted modularized calculator for vulnerability assessments.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable