Views:

View important information regarding a specific Vulnerability detected in your environment and any associated prevention and detection rules available from your integrated products.

Vulnerability profiles provide detailed information regarding the vulnerabilities detected in your organization's environment, the mitigation options available from your TrendAI™ products, and any additional reference information for use in further investigation. The type of vulnerability determines what information is displayed in the profile.
To view the profile of a vulnerability, go to Threat and Exposure Management and select the Vulnerabilities risk factor in the Risk Factors tab. Then, click the Vulnerability ID of the vulnerability under Detected Vulnerabilities. You may also click the open in new tab icon (open_in_new_tab_icon=GUID-D37037A0-DD4F-4C8A-AB74-D8793D4F991A.png) next to the vulnerability in Network SecurityIntrusion Prevention Configuration.
To view the profile of a time-critical vulnerability, go to the Exposure Overview tab in Cyber Risk Overview and click View details in the corresponding security alert.
The following table details the tabs that can be displayed when viewing the profile screen for a vulnerability. Displayed tabs vary depending on the types of assets vulnerable to the vulnerability.

Vulnerability Profile Tabs

Tab
Description
Basic
General information about the vulnerability
Devices
Lists your devices vulnerable to the vulnerability. Select a device to change the status of the vulnerability on the specified device. Filter devices by case ID. Select devices and use the Manage case menu to move assets between cases, remove assets from cases, or create a new case.
Hosts
Lists your internet-facing assets vulnerable to the vulnerability. Select a host to change the status of the vulnerability on the specified internet-facing asset.
Containers
Lists your cloud-based container clusters and images vulnerable to the vulnerability
Cloud VMs
Lists your cloud VMs and cloud data storage vulnerable to the vulnerability
Note
Note
Only EBS volumes that are attached to an EC2 instance are displayed when viewing by Cloud VMs. All EBS volumes are listed when viewing by Cloud data storage.
Threat Intelligence
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Displays emerging threats and threat actors associated with the vulnerability as well as threat hunting queries you may use to search for associated threats in your environment
  • Click on the name of an emerging threat or threat actor to view the corresponding profile in Threat Intelligence Hub
  • Click Execute Query in the entry for a threat hunting query to run the query in XDR Data Explorer
  • Click Copy Query in the entry for a threat hunting query to copy the query to your clipboard
The following table details the information displayed in the Basic tab when viewing the profile screen for a highly exploitable unique vulnerability.

Vulnerability Profile - Basic Tab

Section
Description
General
General information about the vulnerability
  • Global exploit activity: Determined by frequency in which the vulnerability is exploited globally and the expectation that the vulnerability might be exploited in the future
  • Published: The official publish date of the vulnerability
  • Description: The official vulnerability description
  • CVSS: The Common Vulnerability Scoring System (CVSS) information
Attack Prevention/Detection Rules
Displays available rules from TrendAI™ products that can mitigate the risk posed by the vulnerability
Click the Rule ID/Malware Name corresponding to a product to see the available filter rule IDs, the ID status, and instructions on how to apply the rules.
Note
Note
All TrendAI™ products with available attack prevention/detection rules display regardless of whether you have the product connected in your environment. For information about how to purchase TrendAI™ products, contact your sales representative.
For more information on connecting products to Threat and Exposure Management, see Configure Cyber Risk Exposure Management data sources.
Important
Important
To locate and block the filter rules on all profiles using the TippingPoint Security Management System web management console, go to ProfilesInspection ProfilesGlobal Search.
Mitigation Options
Provides a set of recommended actions curated by TrendAI™ threat experts that you can use to mitigate the selected vulnerability on applicable operating systems.
For some supported platforms, TrendAI Vision One™ automatically detects completed mitigation actions, sets the vulnerability status to Mitigated, and removes affected devices from the affected devices list. Vulnerabilities on some platforms are not supported for automatic detection, which means any mitigated devices may still remain on the affected devices list. TrendAI™ still recommends you to complete mitigation actions on unsupported platforms to strengthen your security posture.
Reference
Displays additional reference links for the vulnerability
Related information