Vulnerability Management
Learn about vulnerability management in Epiphany.
What is Vulnerability Management In Epiphany?
Epiphany is focused on the finding the conditions that create risk in your organization's devices from lack of defensive controls. Vulnerabilities are just one of those conditions. As organizations transition from a vulnerability score-driven approach to a risk-based vulnerability management program, Epiphany offers a unique view on vulnerabilities. Epiphany can track multiple metrics about a vulnerability and correlate that with an attacker's ability to utilize it to create a material impact. Epiphany will only recommend patching vulnerabilities that meet three key criteria:
It is technically feasible to exploit the vulnerability.
The vulnerability is in active use. This means it is used by an active persistent threat (APT) or ransomware.
The vulnerability is associated with an attack path that creates material impact.
Epiphany will prioritize those that meet these criteria above all else. Tools for evaluating your vulnerabilities can be found by selecting Attack Path Tools -> Vulnerabilities.
NOTE: Epiphany has its own vulnerability data that is uses to evaluate the viability of each exploitable condition. Because of this, if Epiphany is provided an application inventory by any data source, Epiphany will attempt to do a primary or secondary vulnerability approximation based on what is installed on the device.
Last updated