Vulnerabilities

The Vulnerabilities page provides many different ways to locate and display information about vulnerabilities found on your devices, and in general.

To access the vulnerabilities information:

  • In the left navigation menu, expand Attack Path Tools and then select Vulnerabilities.

The tiles at the top of the Vulnerabilities page control which vulnerabilities are listed in the bottom half of the page. Select a color in one of the circles, and the vulnerabilities in that grouping are the ones that appear in the list. This allows you to zero in on the vulnerabilities you're most interested in.

You can select various items in the list to display additional details about that item. For example, in the Affected Devices column, click on 13 to details about all 13 devices.

Vulnerability Details

Each vulnerability can be expanded to show additional information. As an example, CVE-2022-26486 in the image above is being used by two groups of threat actors (Shadow Crane and one other). It was discovered in this Eipiphany data set through an integration with CrowdStrike Spotlight, and is present on one device which is in one attack path.

Vulnerability Prioritization

The vulnerability breakdown widget shows you progressive levels of prioritization of vulnerabilities. As you select different rings of the chart, the table below will display matching vulnerabilities.

Blue Segment - All vulnerabilities

Yellow Segment - Exploitable vulnerabilities

Orange Segment - Exploitable and actively in-use vulnerabilities

Red Segment - In Paths: Exploitable, actively used, and accessible through prioritized attack paths

Best practice would be to prioritize the "In Paths" vulnerabilities, as those are practical exploits that lead to valuable identities, devices and assets within your environment.

Last updated