Skip to main content
All CollectionsUser Guide
Vulnerability Management
Vulnerability Management
Ahmad avatar
Written by Ahmad
Updated over 2 months ago

Vulnerabilities are defined as weaknesses or loopholes in a system that can be exploited by attackers. The existence and eventual exploitation of these vulnerabilities can disrupt systems and businesses as well as expose sensitive or personal information.

SIRP’s Vulnerability Management helps security teams identify and prioritize high-risk vulnerabilities

Vulnerability Management module can be accessed by opening the Main Menu and clicking on Vulnerability Management. The list of vulnerabilities identified within an organization will open up.

You can click on the Search bar to filter the list or apply a search filter for any specific type of vulnerability.

Multi-Select Search Filter In Vulnerability Management

Multi-select filter for severity and attack type within the Vulnerability Management (VM) module empowers users to prioritize critical threats by filtering vulnerabilities based on these criteria.

Accessing Severity Filters:

Navigate to the severity filter section within the vulnerability management module.

Dropdown Selection:

Locate the severity dropdown menu. Click on it to reveal the available severity options.

Selecting Multiple Severities:

To select a multiple severity level, click on the corresponding option in the dropdown.

Viewing Filtered Results:

After selecting the desired severity levels, observe how the list of vulnerabilities updates to reflect the chosen filters. You'll now see vulnerabilities that match any of the selected severity levels.

Adjusting Filters:

To refine your results further, you can combine severity filters with other filter criteria such as attack type or status.

Clearing Filters:

If you wish to start over or remove all selected severity filters, simply deselect each severity level.

Export

You can export the list in PDF or Excel format by clicking on Export as drop down displayed at the top right of the page.

Users can also define recipients for notifications when export jobs are completed and exported files are ready for download.

How it works for Exporting Vulnerabilities:

  1. In Vulnerability Management, users can initiate an export by clicking the "Export" button. This opens a drawer where they can select the desired Report Type and optionally choose recipients from the Notify To section by adding names.


  2. Once the selections are made, the system processes the export request in the background. The user is then directed to the "Exported Vulnerabilities" section within SIRP.

    In the "Exported Vulnerabilities" section, users can monitor the export status, which initially shows as "Pending." Once processing is complete, the status changes to "Completed," and the report (Excel or PDF format) becomes
    available for download.

You can also click on the view button displayed under the Action tab. You will be redirected to a page, where you can view the vulnerability’s details.

The information on the page is divided into multiple tabs:

  • Timeline: Provides a detailed timeline of the reported vulnerability and which analyst has been working on it.

  • Details: Provides the details of the vulnerability in a tabular form

  • CVSS V2: Provides the characteristics and impacts for the vulnerability according to the open framework of CVSS Version 2.

  • CVSS V3: Provides you with CVSS metrics for the vulnerability.

  • Assets: All the assets tagged with the vulnerability are listed in this tab.

  • Management Feedback: Provides feedback from asset stakeholders

  • Cases: Any cases opened for the vulnerability or any cases in which this vulnerability has been tagged are listed in this tab. You can click on the Case to view the Case details.

  • Scan History: Provides a history of VA scans, where the vulnerability has been highlighted.

Bulk Update

SIRP allows analysts to update the status of multiple Vulnerabilities at once. It also provides the option to create custom vulnerabilities and update them.

Select multiple items and click on Bulk Update button at the top of the Vulnerability Management module.

This will open a pop-up window.

Update the status of resolved whether yes or no.

Click Update.

Assessments

SIRP also allows you to initiate (manual or tool-based) vulnerability assessments. To view and manage the list of existing assessments, navigate to the Main Menu, select Vulnerability Management, and click on the Assessments button displayed at the top of the page.

Main Menu > Vulnerability Management > Assessments

You can Generate, View, View Logs, Manage Assessment and Delete, and Manage Vulnerabilities for any assessment by clicking on the respective button, in the drop-down under the Action column.

If you wish to add a new assessment, click on the Initiate Assessment button provided at the top. You will be redirected to a page where you can fill in the required fields and click on the Create button displayed at the bottom. This option allows you to create an assessment by manually adding the vulnerabilities (particularly useful in documenting Pen-Test results).

The newly created record will appear in the assessments list.

Initiate Vulnerability Scan

To shorten investigation times, SIRP allows you to initiate vulnerability assessments from the vulnerability management module.

To access this, navigate to the Main Menu, select Vulnerability Management, and click on the Assessments button displayed at the top of the page.

Main Menu > Vulnerability Management > Assessments > Initiate Automated Assessments

After clicking Initiate Automated Assessments, a new window will open up.

Fill in the details such as Application, Config, Input Type, Site, Scan Engine, and Templates.

Click Initiate.

Scan Results

After the scan is completed, click on View under Action column to view the list of reported vulnerabilities

The Assessment detail page will list all the vulnerabilities reported in the scan

All

This list shows you all the vulnerabilities identified in the scan.

Resolved

This list shows you all the vulnerabilities that were found in the "last scan" but Not found in this scan against the assets that were scanned. This feature allows you to view vulnerabilities that have been successfully patched by the team (as compared to the last scan). Use this data to coordinate with the relevant teams and stakeholders to follow-up on the patching process.

New

This list shows you all the vulnerabilities that were not found in the "last scan" but are found in the current/latest scan against the assets that were scanned. This feature allows you to view the new vulnerabilities so you can initiate the patching process.

Import

SIRP also allows you to import vulnerability assessment reports from third-party VA tools (Tenable, Nexpose, Rapid 7, Qualys, etc.) into SIRP by clicking on the Upload button displayed at top of the Assessment page.

  • A drawer will open on the right side.

  • Select any from the dropdown menu.

  • Click Upload to choose the file from your computer.

  • The uploaded file will be added to the list of imported assessments.

  • One can delete any imported assessment that is in pending status or completed.

Export

SIRP also allows you to export vulnerability assessment reports in form of an Excel or PDF by clicking on the Generate Report button displayed on the Vulnerability Assessments page in the dropdown.

Cases

Cases enable the security team to run an effective vulnerability management program within an organization. A case can be opened for one or more vulnerabilities when the resolution of those vulnerabilities is required.

To manage the list of Vulnerabilities-related cases, navigate to the Main Menu, select Vulnerability Management, and click on the Cases button displayed at top of the page.

Main Menu > Vulnerability Management > Cases

You can add Task, View, Update, or Delete these cases by clicking on the respective option displayed under the Actions column.

If you wish to add a new case, click on the Open Case button displayed on the top left of the Vulnerability view. You will be directed to a page where you must fill in the required fields in the given sections i.e. Information, Evidence, and Remediation. Once done, click on the Create button displayed at the bottom of the page.

While creating a case from the vulnerability module, you can add multiple case items (vulnerabilities) within one case.

Insert Vulnerabilities: In the Create/ Edit form, find the field “Case Item(s)” and search & select your desired vulnerabilities and submit the form.

The newly created case will appear in the main cases list.

View attached/Linked Vulnerabilities: Once vulnerabilities are added to the VM Case, they are visible under the “vulnerabilities” heading in the View Screen of VM case.

Did this answer your question?