Vulnerability assessment visibility and configuration

Views:

View all Vulnerabilities detected on your assets, and configure TrendAI Vision One™ to assess for all Vulnerabilities on your internal assets, including low-impact Vulnerabilities.

Cyber Risk Exposure Management prioritizes assessment for high-impact and medium-impact vulnerabilities (vulnerabilities with an impact score range of 31-100). The strategy helps you focus on the most important remediation tasks to stop potential threat actors from breaching your network. However, visibility into low-impact vulnerabilities (vulnerabilities with an impact score range of 0-30) may also be necessary for your organization to meet compliance requirements or follow internal policies.

Additionally, low-impact vulnerabilities may pose high future risks if new exploit methods emerge. Identifying and addressing low-impact vulnerabilities proactively enhances your security posture and prevents new sophisticated attacks from affecting your organization.

If you do not have a third-party vulnerability assessment tool connected to TrendAI Vision One™, you may configure the TrendAI Vision One™ vulnerability assessment service to assess your internal assets for all vulnerabilities, including low-impact vulnerabilities.

fullCVEcoverageModal=GUID-c41d71a5-936c-4f07-923c-decf69a0d98d.jpg

In the Vulnerabilities tab of Cyber Risk Overview → Exposure Overview or the Risk Factors tab in Threat and Exposure Management → Vulnerabilities, click Configure Vulnerability Coverage. You may choose to assess your internal assets for all vulnerabilities or keep the default behavior of scanning for high-impact and medium-impact vulnerabilities only. To understand how impact scores are determined, see Vulnerability impact score.

Note

It may take up to 24 hours for new vulnerability data to display after enabling assessment for all vulnerabilities on internal assets.

In Cyber Risk Overview → Exposure Overview, the following vulnerability management metrics display data on all detected vulnerabilities:

Detected Vulnerabilities: vulnerabilities are calculated and organized by impact score.
- Internet-facing assets are not currently included in the calculation.
Mean Time to Patch (MTTP)
Average Unpatched Time (AUT)
Vulnerable Endpoint Percentage
Vulnerability Density

In Threat and Exposure Management → Vulnerabilities, data on all detected vulnerabilities is calculated into the vulnerability percentage and Vulnerability density metrics. In the Detected Vulnerabilities table, vulnerabilities are counted based on impact score level. Click the corresponding impact score level to filter detected vulnerabilities by impact score.

ODallCVEs=GUID-3b441cb0-26cd-4a3b-bf43-82de935ae319.jpg

Important

Full vulnerability assessment configuration is for internal assets only. Internet-facing assets, containers, cloud VMs, and serverless functions display all vulnerabilities by default.
If you disable assessment for all vulnerabilities, it may take up to 24 hours for the change to be reflected. All vulnerability data remains in Threat and Exposure Management for 30 days, but the vulnerability status is no longer monitored. After 30 days, low-impact vulnerabilities detected by TrendAI Vision One™ are removed.