Prioritizing vulnerabilities
To improve your infrastructure security, it is crucial to analyze the vulnerabilities detected during a vulnerability scan. By monitoring the number of vulnerabilities and affected nodes, the risk score, and the analysis of each vulnerability, you can prioritize their remediation and manage your security resources efficiently.
To help you examine the severity of the vulnerabilities in the context of each node, the Vulnerabilities dashboard provides a summary view of the most critical ones detected on your infrastructure.
Vulnerable nodes needing immediate attention
It's a top priority to fix a critical vulnerability in a node that’s considered extremely important. However, remediating the same vulnerability might not be a top priority if it’s present on a node of medium or low importance.
There are several ways you can explore vulnerable nodes from the Vulnerabilities dashboard:
- From the metrics bar at the top of the Vulnerabilities dashboard:
  - The Vulnerable Nodes area of the metrics bar displays how many nodes on your network are vulnerable. Click this area to go to the Most vulnerable nodes page. The Most vulnerable nodes page lists nodes ranked by the number of vulnerabilities detected on each node. You can further filter by resource name, IP address, operating system, and OS version, or any combination of these. Select an individual node to go to its Most vulnerable nodes page, where you can run tasks to remediate the vulnerabilities affecting it.
  - The Most Vulnerable Node area of the metrics bar displays the number of vulnerabilities affecting the most vulnerable node on your system. Click this area to go to the Most vulnerable nodes page for this particular node. You can run tasks directly from this page to remediate the vulnerabilities affecting this node.
- From the Nodes tab:
  - Sort the Nodes table by the Vulnerabilities column (total number of vulnerabilities) to list the nodes with the most vulnerabilities first.
Vulnerabilities posing the highest risk to my infrastructure
A risk is the potential for loss, damage, or destruction of a node as a result of a threat exploiting a vulnerability. The risk score assigned to each vulnerability indicates the potential danger it poses to each node. It is based on the impact of the vulnerability and the likelihood that it will be exploited.
There are several ways you can explore high risk vulnerabilities from the Vulnerabilities dashboard:
- On the metrics bar at the top of the Vulnerabilities dashboard:
  - The Highest Risk Score area displays the risk score (as defined by your scanner) for the most serious vulnerability affecting your network. Click this area to go to the Vulnerability detail page for this vulnerability, where you can find information on the number of nodes with the vulnerability, an analysis of the threat, and information on the steps needed to remediate the problem (if provided by your scanner).
- On the Vulnerabilities tab:
  - The Criticality breakdown chart displays the percentage of vulnerabilities in each criticality division affecting nodes on your network. Mouse over each section in the chart to see more information on the number of vulnerabilities in that category affecting nodes in your network. Click on a section to view all vulnerabilities in this criticality division listed in the Vulnerabilities table.
  - Sort the Vulnerabilities table by Risk score to list vulnerabilities by highest risk score.
The Highest risk vulnerabilities page lists and orders vulnerabilities ranked by the assigned risk score and by the number of nodes the vulnerability was detected on.
Vulnerabilities affecting a large percentage of my infrastructure
On the Vulnerabilities tab of the Vulnerabilities dashboard, the Top 5 common vulnerabilities chart lists the top 5 vulnerabilities detected on nodes running on your infrastructure. Each vulnerability on this chart is ranked by the number of nodes it was detected on. Click a bar in this area to see all the nodes affected by the selected vulnerability in the Vulnerabilities table.
The Hosts affected column in the Vulnerabilities table shows, for each vulnerability, the number of nodes it was detected on. Sort by this column to order vulnerabilities by the number of nodes they affect.
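The three rankings described above (nodes by vulnerability count, vulnerabilities by risk score then affected-node count, and the most common vulnerabilities) can be reproduced from a scan's findings, and node importance can be folded in so that the same vulnerability ranks lower on a low-importance node. The following is an added example, not Puppet Remediate code; the findings, vulnerability ids, risk scores and the `IMPORTANCE` weights are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample scan findings (not Remediate output): one row per
# (node, vulnerability). Ids and scanner risk scores (0-10) are made up.
FINDINGS = [
    {"node": "db01",  "vuln": "VULN-A", "risk": 9.8},
    {"node": "db01",  "vuln": "VULN-B", "risk": 7.5},
    {"node": "db01",  "vuln": "VULN-C", "risk": 5.0},
    {"node": "web01", "vuln": "VULN-A", "risk": 9.8},
    {"node": "web01", "vuln": "VULN-C", "risk": 5.0},
    {"node": "dev01", "vuln": "VULN-A", "risk": 9.8},
    {"node": "dev01", "vuln": "VULN-D", "risk": 4.3},
    {"node": "lab01", "vuln": "VULN-C", "risk": 5.0},
]

# Hypothetical node importance weights (how you rate nodes is up to you).
IMPORTANCE = {"db01": 3, "web01": 2, "dev01": 1, "lab01": 1}


def most_vulnerable_nodes(findings):
    """Nodes ranked by the number of vulnerabilities detected on each."""
    counts = Counter(f["node"] for f in findings)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def highest_risk_vulnerabilities(findings):
    """Vulnerabilities ranked by risk score, then by number of affected nodes."""
    risk, nodes = {}, defaultdict(set)
    for f in findings:
        risk[f["vuln"]] = f["risk"]
        nodes[f["vuln"]].add(f["node"])
    rows = [(v, risk[v], len(nodes[v])) for v in risk]
    return sorted(rows, key=lambda r: (-r[1], -r[2], r[0]))


def top_common_vulnerabilities(findings, n=5):
    """The n vulnerabilities present on the most nodes (the Top 5 chart)."""
    nodes = defaultdict(set)
    for f in findings:
        nodes[f["vuln"]].add(f["node"])
    rows = sorted(((v, len(s)) for v, s in nodes.items()),
                  key=lambda r: (-r[1], r[0]))
    return rows[:n]


def remediation_queue(findings, importance):
    """Per-node work items ordered by risk score weighted by node importance."""
    rows = [(f["node"], f["vuln"], f["risk"] * importance.get(f["node"], 1))
            for f in findings]
    return sorted(rows, key=lambda r: (-r[2], r[0], r[1]))
```

In the constructed data, VULN-A on the low-importance dev01 lands below the lower-scored VULN-C on the high-importance db01, which is the prioritization the section above describes.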
Viewing vulnerability details
Use the Vulnerability details page to identify which nodes are affected by a vulnerability and, using its analysis and remediation details, determine which task to run on those nodes to help fix that specific vulnerability.
Latest events for vulnerabilities
The Vulnerability Latest Events page outlines the latest events that have occurred to mitigate an individual vulnerability.
Latest event vulnerability task details
The Vulnerability Task Detail page for vulnerabilities provides information on a particular task that has been run to mitigate an individual vulnerability.
Accepting vulnerability risk
You may not want or need to deal with every vulnerability on every node in your network. You can also tell Puppet Remediate not to report on selected vulnerabilities on individual hosts.
Filtering and exporting data
Create custom filters and customize table views to view vulnerability data most important to you, or for backup purposes, export data to a CSV file.