0
5.1.1
Yokohama, Xanadu, Washington DC
Vulnerability Emergency Response is a comprehensive solution for proactive vulnerability management and crisis response. In a single workspace, it offers, standalone assessments for a single CVE and vulnerable product versions, while the newly introduced Vulnerability Crisis Management Workflow enables you to efficiently handle vulnerability crisis events from end-to-end. This workflow includes holistic exposure assessment to identify vulnerable Configuration Items, vulnerable item creation, and crisis declaration with major security incident management enabling cross-team engagement, collaboration, coordination and reporting for rapid response.
- Vulnerability Assessment Workspace for Vulnerability Event Managers to proactively manage critical vulnerabilities.
- Exposure Assessment
- Assess organization exposure for a single CVE or vulnerable product version.
- Accurate assessments with the normalized inventory of Software Asset Management.
- Automatic assessments of CISA, KEV, CVEs or CPEs
- Vulnerability Crisis Management - A complete workflow to handle vulnerability crisis events with the following capabilities.
- Efficiently identify vulnerable CIs by correlating critical vulnerabilities with software installations inventory (SAM), Software Bill of Materials Inventory (SBOM), scanner-reported vulnerabilities and CMDB.
- Generate vulnerable items for remediation based on assessment results, streamlining the remediation process.
- Initiate a major security incident response, ensuring swift and coordinated action.
- Engage and collaborate with teams across the organization, facilitating a unified response to vulnerabilities.
- Provide regular status reports to affected teams, partner teams, and leadership, maintaining transparency throughout the crisis.
Fixed:
- Access to sn_vul_analyst_exposure_manifest and sn_vul_analyst_software_risk tables has been restricted for all users via ACL configuration to enhance data security.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable