How to check for vendor/product coverage in SC?

To know which Network Vulnerability Tests are available for a specific product or software vendor in Security Center, you can query the Security Center database.

1. Log in to the Security Center.

2. Click on the tab Vulnerability Manager on the top menu bar.

3. Then click on the tab Vulnerability tests on the sub-menu bar.

4. Type the name of the product vendor or the product name into the search bar.

The results will be loaded automatically.

If you want to run a more accurate search, for instance to search for a specific NVT or for NVTs with a defined CVSS score, click on the search button close to the search bar.

An Advanced Search pane will be displayed.

In this pane you can search by:

- CVE ID (To search for a NVT covering a specific vulnerability using the CVE ID assigned to it)

- CVSS Base Score (To search for NVTs that test for vulnerabilities rated with a specific CVSS base score or score range, for. ex. all NVTs between a 9.0 - 10 score, aka severity level Critical)

- Severity ( To display all NVTs matching one or more severity levels, for ex. all NVTs rated High and Critical)

- Discovery method (Authenticated, Remote, or both)

- Category (The kind of vulnerability category that you are interested in, for ex. XSS)

- HID (a reference code to a specific NVT that run during your Scan)

- CVSS Access Vector (To displays vulnerabilities according to the kind of access the attacker needs to exploit it: Network (remote access), Adjacent Network (broadcast or collision domain), Local (physical access or local account on the machine is required), All)

- By the period of time/date when the NVT was modified or first published

- Bugtraq ID (To search for a NVT covering a specific vulnerability using this id-number given by SecurityFocus)

5. Once the results have been displayed in the list below the pane / search box, click on the Title of the NVT of interest. A pop-up window with the vulnerability details and information such as Impact, Solution, Summary, Insight, Detection, References and Patches will open.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.