0
5.2.2
Zurich, Yokohama, Xanadu, Washington DC
Vulnerability Emergency Response is a comprehensive solution for proactive vulnerability management and crisis response. In a single workspace, it offers, standalone assessments for a single CVE and vulnerable product versions, while the newly introduced Vulnerability Crisis Management Workflow enables you to efficiently handle vulnerability crisis events from end-to-end. This workflow includes holistic exposure assessment to identify vulnerable Configuration Items, vulnerable item creation, and crisis declaration with major security incident management enabling cross-team engagement, collaboration, coordination and reporting for rapid response.
- Vulnerability Assessment Workspace for Vulnerability Event Managers to proactively manage critical vulnerabilities.
- Exposure Assessment
- Assess organization exposure for a single CVE or vulnerable product version.
- Accurate assessments with the normalized inventory of Software Asset Management.
- Automatic assessments of CISA, KEV, CVEs or CPEs
- Vulnerability Crisis Management - A complete workflow to handle vulnerability crisis events with the following capabilities.
- Efficiently identify vulnerable CIs by correlating critical vulnerabilities with software installations inventory (SAM), Software Bill of Materials Inventory (SBOM), scanner-reported vulnerabilities and CMDB.
- Generate vulnerable items for remediation based on assessment results, streamlining the remediation process.
- Initiate a major security incident response, ensuring swift and coordinated action.
- Engage and collaborate with teams across the organization, facilitating a unified response to vulnerabilities.
- Provide regular status reports to affected teams, partner teams, and leadership, maintaining transparency throughout the crisis.
- New
- The following enhancements are available in Hardware Vulnerability Assessment:
- Assessments without Normalization: Ability to assess discovery models without content available for normalization.
- Confidence Scores: New scoring mechanism for all types of assessments.
- Partial assessment for partially normalized discovery model: Creates partial assessments for discovery models without firmware version. The partial assessments are done if the other versions of the discovery model have the same publisher and model.
- Expiring of assessments: If you update the firmware version of a CI, the corresponding normalized discovery model also updates. The assessment records based on the older firmware version expires while new assessments are generated for new firmware version.
- Fixed
- Update code to create assessments for unmapped discovered models
- Created assessments for range criteria having empty in cpe mapping and observe that partial match assessments have confidence score as 1.
- fixed few security ACLs related to Data brokers and Script includes.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable