Findings: Vulnerability Detection

The Vulnerability Detection page in the Security Performance Management application [ Findings ➔ Vulnerability Detection] shows vulnerabilities, as presented by the Patching Cadence and Open Ports risk vectors, affecting your My Company and your SPM Subsidiaries. Vulnerability Detection improves on the capabilities of the Vulnerability Catalog.

• Detect, manage, and mitigate emerging zero day events with speed.
• Manage risk more easily with a clear view of all vulnerabilities affecting your company and the evidence of them.

Bitsight API: GET: Portfolio Threats [/v2/threats/]

Actions

Download Data

Download the data in the Vulnerability Detection table (.csv).

Instructions: Select Download CSV at the top-right of the table.

Generate Reports

The reports include:

• Vulnerability Catalog
• Vulnerability Detection
• Vulnerability Detection Evidence

Instructions: Select the Vulnerabilities Reports button at the top-right of the Vulnerability Detection page.

Filtering

Instructions: Use the available filters or filter sets from the filter options.

View the Vulnerability Overview

Instructions: Select a vulnerability from the table.

Fields

CTI Attributes

Cyber Threat Intel (CTI) attributes are used to calculate the DVE score.

[Date] First Seen

The date when this vulnerability was first detected in this company.

[Date] Last Seen

The date when this vulnerability was last detected for this company.

Detection

Vulnerability exposure status. Use this to assess immediate risk and prioritize your remediation efforts.

DVE Score

Dynamic Vulnerability Exploit (DVE) is a scoring system to prioritize vulnerabilities.

EPSS

The Exploit Prediction Scoring System (EPSS) percentage, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.

Evidence Available

Evidence correlating to the company's state of vulnerability exposure is available. A company can have multiple types of evidence.

Evidence Certainty

Evidence certainty indicates how conclusively the evidence shows that a company is exposed to or has mitigated a vulnerability.

Group(s)

Vulnerabilities grouped and classified based on common frameworks and events.

Severity Details

The CVSS score of this vulnerability. Learn more about the CVSS scoring model.

Vulnerability

The name of this vulnerability, displayed as the CVE ID plus the colloquial name for the vulnerability if there is one.

Filters

CTI Attributes

Filter by CTI attributes. See attributes.

[Date] First Seen

Filter by the vulnerability's first seen date.

Values: First seen within the last…

• 7d (days)
• 1m (month)
• 3m (months)
• Custom

[Date] Last Seen

Filter by the vulnerability's last seen date.

Values: Last seen within the last…

• 7d (days)
• 1m (month)
• 3m (months)
• Custom

Detection

Filter by exposure detection status.

Values:

• Exposure
• Mitigation

DVE Score

Filter by a range in DVE scores.

EPSS

Filter by a range in EPSS %, which estimates the likelihood that a software will be exploited. The higher the percentage the more likely it is to be exploited.

Evidence Available

Filter by evidence available status.

Values:

• Vulnerable software or configuration in use
• Vulnerable software version in use
• Relationship with vulnerable provider indicated
• Long time since detection
• Non-vulnerable records

Evidence Certainty

Filter by the level of certainty that a company is exposed to or has mitigated a vulnerability.

Group

Filter by vulnerability or vulnerability group.

Severity

Filter by severity. Learn more about the CVSS scoring model.