General

How to check for vendor/product coverage?

Which Network Vulnerability Tests are available for a specific product or software vendor in Security Center, you can query the Security Center database.

1. Log in to the Security Center

2. Click on the tab Vulnerability Manager on the top menu bar.

3. Then click on the tab Vulnerability tests on the sub-menu bar.

4. Type the name of the product vendor or the product name into the search bar.

The results will be loaded automatically.

If you want to run a more accurate search, for instance, to search for a specific test or tests with a defined CVSS score, click on the search button close to the search bar.

An Advanced Search pane will be displayed.

In this page, you can search by:

CVE ID (To search for a test covering a specific vulnerability using the CVE ID assigned to it)

CVSS Base Score (To search for tests that test for vulnerabilities rated with a specific CVSS base score or score range for. ex. all tests between a 9.0 - 10 score, aka severity level Critical)

Severity ( To display all tests matching one or more severity levels, for ex., all tests rated High and Critical)

Discovery method (Authenticated, Remote, or both)

Category (The kind of vulnerability category that you are interested in, for ex. XSS)

HID (a reference code to a specific test that runs during your Scan)

CVSS Access Vector (To display vulnerabilities according to the kind of access the attacker needs to exploit it: Network (remote access), Adjacent Network (broadcast or collision domain), Local (physical access or a local account on the machine is required), All)

- By the period of time/date when the test was modified or first published

Bugtraq ID (To search for a test covering a specific vulnerability using this id-number given by SecurityFocus)

5. Once the results have been displayed in the list below the pane/search box, click on the Title of the test of interest. A pop-up window will open with the vulnerability details and information such as Impact, Solution, Summary, Insight, Detection, References, and Patches.