0
5.1.2
Yokohama, Xanadu, Washington DC
Vulnerability Emergency Response is a comprehensive solution for proactive vulnerability management and crisis response. In a single workspace, it offers, standalone assessments for a single CVE and vulnerable product versions, while the newly introduced Vulnerability Crisis Management Workflow enables you to efficiently handle vulnerability crisis events from end-to-end. This workflow includes holistic exposure assessment to identify vulnerable Configuration Items, vulnerable item creation, and crisis declaration with major security incident management enabling cross-team engagement, collaboration, coordination and reporting for rapid response.
- Vulnerability Assessment Workspace for Vulnerability Event Managers to proactively manage critical vulnerabilities.
- Exposure Assessment
- Assess organization exposure for a single CVE or vulnerable product version.
- Accurate assessments with the normalized inventory of Software Asset Management.
- Automatic assessments of CISA, KEV, CVEs or CPEs
- Vulnerability Crisis Management - A complete workflow to handle vulnerability crisis events with the following capabilities.
- Efficiently identify vulnerable CIs by correlating critical vulnerabilities with software installations inventory (SAM), Software Bill of Materials Inventory (SBOM), scanner-reported vulnerabilities and CMDB.
- Generate vulnerable items for remediation based on assessment results, streamlining the remediation process.
- Initiate a major security incident response, ensuring swift and coordinated action.
- Engage and collaborate with teams across the organization, facilitating a unified response to vulnerabilities.
- Provide regular status reports to affected teams, partner teams, and leadership, maintaining transparency throughout the crisis.
- Fixed:
- Population of "Installation count" field was fixed when VEX Record was created via Vulnerability Assessment.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable