Skip to main content
Version: Next 🚧

Vulnerability Management

Cert-IX Vulnerability Management helps you identify, track, prioritize, and remediate security vulnerabilities across your organization.

Vulnerability Management Features​

Vulnerability Discovery​

Find vulnerabilities through:

  • Automated scanning
  • Agent-based detection
  • Integration with external scanners
  • Manual assessment import
  • Threat intelligence correlation

Prioritization​

Smart prioritization based on:

  • CVSS severity scores
  • Exploitability
  • Asset criticality
  • Business impact
  • Threat intelligence

Tracking​

Complete lifecycle tracking:

  • Discovery to resolution
  • Status updates
  • Assignment tracking
  • SLA monitoring
  • Historical records

Remediation​

Streamlined fix process:

  • Remediation guidance
  • Patch management
  • Verification scanning
  • Closure validation

Vulnerability Dashboard​

Overview Metrics​

  • Total vulnerabilities
  • By severity (Critical/High/Medium/Low)
  • New vs. existing
  • Remediated this period
  • Average age

Trend Charts​

  • Vulnerability count over time
  • New discoveries vs. remediations
  • Severity trends
  • SLA compliance

Top Lists​

  • Most vulnerable assets
  • Oldest vulnerabilities
  • Critical findings
  • Approaching SLA

Using Vulnerability Management​

Viewing Vulnerabilities​

  1. Navigate to Analytics β†’ Vulnerability Management
  2. View the vulnerability dashboard
  3. Use filters to focus on specific areas
  4. Click any vulnerability for details

Vulnerability Details​

Each vulnerability shows:

  • CVE ID - Common Vulnerabilities and Exposures identifier
  • Severity - CVSS score and rating
  • Description - What the vulnerability is
  • Affected Assets - Which systems are impacted
  • Remediation - How to fix it
  • Status - Current state
  • History - Timeline of events

Filtering Vulnerabilities​

Filter by:

  • Severity level
  • Status (open, in progress, resolved)
  • Asset group
  • Discovery date
  • Due date
  • Assignee

Bulk Actions​

  • Assign multiple vulnerabilities
  • Update status in bulk
  • Export selected items
  • Schedule for remediation

Prioritization Framework​

Risk-Based Prioritization​

FactorWeightDescription
CVSS Score30%Technical severity
Exploitability25%Known exploits available
Asset Criticality20%Business importance
Exposure15%Network accessibility
Threat Intel10%Active exploitation

Priority Categories​

  • Critical - Fix immediately (24-48 hours)
  • High - Fix within 1 week
  • Medium - Fix within 30 days
  • Low - Fix within 90 days

Remediation Workflow​

Standard Workflow​

  1. Identified - Vulnerability discovered
  2. Confirmed - Validated as real
  3. Assigned - Owner designated
  4. In Progress - Fix underway
  5. Pending Verification - Fix applied, awaiting scan
  6. Resolved - Verified as fixed

Remediation Actions​

For Each Vulnerability​

  • View remediation guidance
  • Access related patches
  • Link to tickets
  • Track time spent
  • Document workarounds

Remediation Options​

  • Patch - Apply vendor fix
  • Upgrade - Update to newer version
  • Configure - Change settings
  • Mitigate - Apply compensating controls
  • Accept - Document risk acceptance

Scanning​

Scan Types​

  • Discovery Scan - Find new assets
  • Vulnerability Scan - Identify vulnerabilities
  • Compliance Scan - Check configurations
  • Verification Scan - Confirm remediation

Scheduling Scans​

  1. Go to Scan Management
  2. Click Schedule Scan
  3. Select scan type
  4. Choose targets
  5. Set schedule
  6. Configure options

Scan Results​

  • Summary statistics
  • New findings
  • Resolved items
  • Scan coverage
  • Performance metrics

Reporting​

Available Reports​

Executive Summary​

  • High-level vulnerability status
  • Trend analysis
  • Risk summary
  • Recommendations

Technical Report​

  • Detailed findings
  • Affected systems
  • Remediation steps
  • Priority rankings

Compliance Report​

  • Vulnerability compliance status
  • SLA adherence
  • Policy compliance
  • Audit evidence

Custom Reports​

  • Select vulnerability sets
  • Choose data fields
  • Set date ranges
  • Export formats (PDF, CSV, JSON)

Best Practices​

  1. Scan regularly - Weekly for critical assets
  2. Prioritize effectively - Fix high-risk first
  3. Track SLAs - Meet remediation deadlines
  4. Verify fixes - Re-scan after remediation
  5. Report progress - Keep stakeholders informed
  6. Learn from trends - Identify root causes

Related: