- Access and manage vulnerabilities and exposures, including major security events.
- Find and remediate threats quickly within your vendor portfolio.
Vulnerability Detection
Actions
Customize Vulnerability Detection Data
Customize the data included in the table.
Vulnerability Detection Breakdown
Expand or collapse the Vulnerability Detection breakdown.
Instructions:
- Select View full breakdown to expand the breakdown.
- Select Hide breakdown to collapse the breakdown.
Export Vulnerability Detection Data (.csv)
Filter Vulnerability Detection
Search Vulnerability Detection
Instructions: Use the search field at the top-right of the table to search by vulnerability name.
View Vulnerability Details
See the vulnerability details.
Instructions: Select a vulnerability from the table.
Vulnerability Detection: Breakdown
The collapsible breakdown provides the following information:
- Vulnerabilities detected in Portfolio – A chart showing vulnerabilities detected in your portfolio out of all Bitsight-supported vulnerabilities.
- Exposure 14 day Trend – The number of trending vulnerabilities during the past 14 days.
- Recently Supported Vulnerabilities – Vulnerabilities that were most recently added to the Bitsight platform.
Vulnerability Detection: Fields
- Category
- Indicates whether this is a single vulnerability or a vulnerability group.
- [Date] First Seen
- The date when this vulnerability was first detected in your portfolio.
- EPSS
- The Exploit Prediction Scoring System (EPSS) percentage, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.
- Evidence Certainty
- Evidence certainty indicates how conclusively the evidence shows that a company is exposed to or has mitigated a vulnerability.
- Exposure Detected
- Companies exposed to this vulnerability in the past 60 days.
- Exposure Trend
- The trend in the number of companies in your portfolio that are exposed to this vulnerability compared to 14 days ago.
- Mitigation Detected
- Companies that have evidence of mitigation or do not have evidence of exposure in the past 60 days.
- Severity Details
- The CVSS score of this vulnerability. Learn more about the CVSS scoring model.
- Vulnerability
- The name of this vulnerability.
Vulnerability Detection: Filters
- Category
- Filter between seeing only vulnerabilities or vulnerability groups.
- Companies Exposed
- Select a range on the number of companies that are currently exposed.
- Companies Mitigated
- Select a range on the number of companies that have mitigated the vulnerability.
- [Date] First Seen
-
Filter by vulnerability first seen date.
Values: First seen within the last…
- 7d (days)
- 1m (month)
- 3m (months)
- Custom
- EPSS
- Filter by a range in EPSS %, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.
- Evidence Certainty
- Filter by evidence certainty.
- Exposure Trend
-
Values:
- Increasing
- Flat
- Decreasing
- Folder
- Use the context switcher to specify a tier and then include this to also filter by folder.
- Group
- Filter by vulnerability group.
- Severity Details
- Filter by a
0
-10
range in severity. - Tier
- Use the context switcher at the top-left of the Vulnerability Detection page to specify a folder and then include this to also filter by tier.
- Vulnerability Detected
- Include only detected vulnerabilities.
Vulnerability Details
Vulnerability Details: Actions
Epand or Collapse the Vulnerability Details Breakdown
Expand or collapse the Vulnerability Details breakdown.
Instructions:
- Select View full breakdown to expand the breakdown.
- Select Hide breakdown to collapse the breakdown.
Export Vulnerability Details (.csv)
Filter Vulnerability Details
Filter the table data by exposure status.
Instructions: Select the tab at the top of the table. Available tabs:
- Currently exposed
- Previously exposed
- Total exposed
Download the Vulnerability Detection Report (.pdf)
View Evidence Details
View a company’s evidence details sheet. The details include:
- First seen & last seen dates.
- A summary of the exposure.
- Evidence records pertaining to this company.
- A workflow for inviting a vendor to collaborate via the Client/Vendor Access Program.
- A downloadable report for quick-sharing.
Instructions: Select a company from the table.
Vulnerability Details: Breakdown
The collapsible breakdown provides the following information:
- Description: A description of the selected vulnerability.
- Severity: The vulnerability’s severity.
- Remediation: Remediation tips.
- Current Exposure: Your portfolio’s current exposure to the vulnerability.
Vulnerability Details: Fields
- Company Name
- The name of this company.
- [Date] First Seen
- The date when this vulnerability was first detected for this company.
- [Date] Last Seen
- The date when this vulnerability was last detected for this company.
- Evidence Certainty
- How conclusively Bitsight's evidence shows that a company is exposed to or has mitigated this vulnerability.
- Tier
- The tier of this company.
Filters
- [Date] First Seen
-
Include vulnerabilities that were first seen in the past:
- 7d (days)
- 1m (month)
- 3m (months)
- Custom
- [Date] Last Seen
-
Include vulnerabilities that were last seen in the past:
- 7d (days)
- 1m (month)
- 3m (months)
- Custom
- Evidence Certainty
- Filter by the level of certainty that a company is exposed to or has mitigated a vulnerability.
- Tier
- Ensure the All Companies folder is selected in the context switcher and then use the Tier filter to also filter by a specific tier.
- Folder
- Ensure the All Companies folder is selected in the context switcher and then use the Folder filter to also filter by a specific folder.
- September 9, 2024: Added EPSS field and filter; Added evidence certainty field and filter; Currently exposed field changed to exposure detected; Previously exposed field changed to mitigation detected; Currently exposed filter changed to companies exposed; Added companies mitigated filter; Added group filter.
- January 31, 2024: Listed available actions; Category filter for vulnerability groups.
- November 15, 2022: Published.
Feedback
0 comments
Please sign in to leave a comment.