Vulnerability Assessment and Management

Overview

Welcome to the Vulnerability Assessment and Management module. In this section, you'll be guided through the process of using our vulnerability assessment and management tool. You'll learn how to:

Vulnerability assessment and management is a process for identifying, evaluating, and addressing security weaknesses in an organization’s systems and networks. It involves scanning for vulnerabilities, assessing their impact, and prioritizing them by severity. This includes using tools and techniques to find vulnerabilities, analyzing the results, and generating reports for remediation. Management then involves applying patches, adjusting security settings, and monitoring for new threats. The goal is to enhance security, reduce risk, and protect against potential exploitation.


Navigate to the module:

R5GfB6pGwUipb7d9-drawing-30-1724749228.png


How to Create a Scan

image.png

image.png


Scans Dashboard:

The scans dashboard provides a comprehensive overview of all ongoing scans, displaying the percentage of completion for each one. Additionally, it highlights the number of detected severities and vulnerabilities, offering a clear and detailed snapshot of the scan results.

Screenshot from 2024-08-29 16-45-29.png


Vulnerability Assessment and Management Dashboard:


Vulnerability Score:

image.png

The total risk presented by vulnerabilities found in an organization's systems is measured by the Overall Vulnerability Score in a Vulnerability Assessment and Management (VAM). This score is the result of assessing various elements, including each vulnerability's criticality, possible impact, exploitation, and severity. Metrics like the Common Vulnerability Scoring System (CVSS) scores, which grade vulnerabilities according to their effect and ease of exploitation, are also included. The overall vulnerability score aids in prioritizing repair activities by offering a consolidated view of the organization's risk exposure. This helps direct resource allocation to address the most urgent security concerns and improve the organization's overall security.


Overall Vulnerability Score - Trend:

image.png

The Vulnerability Score Trend tracks changes in the overall vulnerability score over time, showing how the organization's risk posture evolves. This trend helps assess the effectiveness of remediation efforts, identify recurring issues, and evaluate long-term security strategies. By analyzing these trends, organizations can gauge improvements in their security posture and make informed decisions to enhance cybersecurity.


Vulnerability Scans:

image.png

Running Scans - Indicates how many scans are running

Completed Scans - Indicates how many scans were completed

Assets Scanned - Indicates how many assets were scanned


Vulnerabilities by Severity & Asset Type:

image.pngThe charts displaying "Vulnerabilities by Severity" and "Vulnerabilities by Asset Type" provide a comprehensive breakdown of identified vulnerabilities within an organization. The "Vulnerabilities by Severity" chart categorizes vulnerabilities into critical, high, medium, low, and informational levels, offering a clear view of their distribution based on their severity. This classification helps in prioritizing remediation efforts according to the risk they pose. Meanwhile, the "Vulnerabilities by Asset Type" chart illustrates the count of vulnerabilities detected across various asset categories, such as web assets, network assets, and mobile assets. This chart allows organizations to understand which asset types are most vulnerable, facilitating targeted risk management and more effective allocation of security resources. By visualizing these metrics, the charts assist in identifying patterns and trends, ensuring a strategic approach to enhancing overall security posture.


Top CVEs Detected & Top Vulnerable Assets:

The Top CVEs Detected and Top Vulnerable Assets provide crucial insights into an organization's security posture by identifying prevalent vulnerabilities and at-risk assets. The Top CVEs Detected report highlights the most frequently found Common Vulnerabilities and Exposures (CVEs) within the organization, focusing attention on the most common and potentially severe vulnerabilities that need immediate remediation. In contrast, the Top Vulnerable Assets chart identifies which specific assets are most frequently affected by vulnerabilities. Together, these metrics enable organizations to prioritize their security efforts by addressing both the most critical vulnerabilities and the assets most susceptible to threats, thereby improving overall risk management and resource allocation.


If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.


Revision #1
Created 27 August 2024 07:22:47 by David Napoleon Romanillos
Updated 4 September 2024 06:05:07 by David Napoleon Romanillos