Vulnerabilities
Last updated
Last updated
The Vulnerabilities page provides many different ways to locate and display information about vulnerabilities found on your devices, and in general.
To access the vulnerabilities information:
In the left navigation menu, expand Attack Path Tools and then select Vulnerabilities.
The tiles at the top of the Vulnerabilities page control which vulnerabilities are listed in the bottom half of the page. Select a color in one of the circles, and the vulnerabilities in that grouping are the ones that appear in the list. This allows you to zero in on the vulnerabilities you're most interested in.
You can select various items in the list to display additional details about that item. For example, in the Affected Devices column, click on 13 to details about all 13 devices.
Each vulnerability can be expanded to show additional information. As an example, CVE-2022-26486 in the image above is being used by two groups of threat actors (Shadow Crane and one other). It was discovered in this Eipiphany data set through an integration with CrowdStrike Spotlight, and is present on one device which is in one attack path.
The vulnerability breakdown widget shows you progressive levels of prioritization of vulnerabilities. As you select different rings of the chart, the table below will display matching vulnerabilities.
Blue Segment - All vulnerabilities
Yellow Segment - Exploitable vulnerabilities
Orange Segment - Exploitable and actively in-use vulnerabilities
Red Segment - In Paths: Exploitable, actively used, and accessible through prioritized attack paths
Best practice would be to prioritize the "In Paths" vulnerabilities, as those are practical exploits that lead to valuable identities, devices and assets within your environment.
