Vulnerability Management
Cert-IX Vulnerability Management helps you identify, track, prioritize, and remediate security vulnerabilities across your organization.
Vulnerability Management Features
Vulnerability Discovery
Find vulnerabilities through:
- Automated scanning
- Agent-based detection
- Integration with external scanners
- Manual assessment import
- Threat intelligence correlation
Prioritization
Smart prioritization based on:
- CVSS severity scores
- Exploitability
- Asset criticality
- Business impact
- Threat intelligence
Tracking
Complete lifecycle tracking:
- Discovery to resolution
- Status updates
- Assignment tracking
- SLA monitoring
- Historical records
Remediation
Streamlined fix process:
- Remediation guidance
- Patch management
- Verification scanning
- Closure validation
Vulnerability Dashboard
Overview Metrics
- Total vulnerabilities
- By severity (Critical/High/Medium/Low)
- New vs. existing
- Remediated this period
- Average age
Trend Charts
- Vulnerability count over time
- New discoveries vs. remediations
- Severity trends
- SLA compliance
Top Lists
- Most vulnerable assets
- Oldest vulnerabilities
- Critical findings
- Approaching SLA
Using Vulnerability Management
Viewing Vulnerabilities
- Navigate to Analytics → Vulnerability Management
- View the vulnerability dashboard
- Use filters to focus on specific areas
- Click any vulnerability for details
Vulnerability Details
Each vulnerability shows:
- CVE ID - Common Vulnerabilities and Exposures identifier
- Severity - CVSS score and rating
- Description - What the vulnerability is
- Affected Assets - Which systems are impacted
- Remediation - How to fix it
- Status - Current state
- History - Timeline of events
Filtering Vulnerabilities
Filter by:
- Severity level
- Status (open, in progress, resolved)
- Asset group
- Discovery date
- Due date
- Assignee
Bulk Actions
- Assign multiple vulnerabilities
- Update status in bulk
- Export selected items
- Schedule for remediation
Prioritization Framework
Risk-Based Prioritization
| Factor | Weight | Description |
|---|---|---|
| CVSS Score | 30% | Technical severity |
| Exploitability | 25% | Known exploits available |
| Asset Criticality | 20% | Business importance |
| Exposure | 15% | Network accessibility |
| Threat Intel | 10% | Active exploitation |
Priority Categories
- Critical - Fix immediately (24-48 hours)
- High - Fix within 1 week
- Medium - Fix within 30 days
- Low - Fix within 90 days
Remediation Workflow
Standard Workflow
- Identified - Vulnerability discovered
- Confirmed - Validated as real
- Assigned - Owner designated
- In Progress - Fix underway
- Pending Verification - Fix applied, awaiting scan
- Resolved - Verified as fixed
Remediation Actions
For Each Vulnerability
- View remediation guidance
- Access related patches
- Link to tickets
- Track time spent
- Document workarounds
Remediation Options
- Patch - Apply vendor fix
- Upgrade - Update to newer version
- Configure - Change settings
- Mitigate - Apply compensating controls
- Accept - Document risk acceptance
Scanning
Scan Types
- Discovery Scan - Find new assets
- Vulnerability Scan - Identify vulnerabilities
- Compliance Scan - Check configurations
- Verification Scan - Confirm remediation
Scheduling Scans
- Go to Scan Management
- Click Schedule Scan
- Select scan type
- Choose targets
- Set schedule
- Configure options
Scan Results
- Summary statistics
- New findings
- Resolved items
- Scan coverage
- Performance metrics
Reporting
Available Reports
Executive Summary
- High-level vulnerability status
- Trend analysis
- Risk summary
- Recommendations
Technical Report
- Detailed findings
- Affected systems
- Remediation steps
- Priority rankings
Compliance Report
- Vulnerability compliance status
- SLA adherence
- Policy compliance
- Audit evidence
Custom Reports
- Select vulnerability sets
- Choose data fields
- Set date ranges
- Export formats (PDF, CSV, JSON)
Best Practices
- Scan regularly - Weekly for critical assets
- Prioritize effectively - Fix high-risk first
- Track SLAs - Meet remediation deadlines
- Verify fixes - Re-scan after remediation
- Report progress - Keep stakeholders informed
- Learn from trends - Identify root causes
Related: