Virtual Vulnerability Scanner
The Virtual Vulnerability Scanner (VVS) Software System is designed to identify and catalog vulnerability information for devices within Neurons. This system continuously maps software installed on devices to known security vulnerabilities. It uses Common Platform Enumeration (CPE) data sourced from the Software Inventory (SI) service. The CPE data is used to gather all associated vulnerabilities from RiskSense RBVM. This ensures a comprehensive security risk assessment for each device.
The VVS service is built on top of existing exposure services and components.
To view the VVS report, go to Exposure Management > Exposure tab. For more information, refer to Exposure.
Feature Workflow
The following list outlines the VVS workflow at a high level.
- Software Inventory (SI) collects a list of software installed on the device.
- SI creates CPE events when a software change is made on the device.
- VVS receives the CPE events for processing. A CPE event may have multiple mappings from SI; in that case, VVS selects the highest version for the vulnerability scan.
- VVS checks for any vulnerabilities based on the events and updates the tenant's cache.
- The vulnerability report is sent to data services based on the vulnerability mapping.
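The highest-version selection in the workflow above can be sketched as follows. This is an added example, not Ivanti's code: it assumes the mappings arrive as CPE 2.3 formatted strings, the function names and sample CPEs are constructed for illustration, and the version ordering is a simplified numeric comparison.

```python
import re

def split_fields(cpe):
    """Split on ':' while keeping backslash-escaped characters (e.g. '\\:') intact."""
    fields, cur, i = [], [], 0
    while i < len(cpe):
        if cpe[i] == "\\" and i + 1 < len(cpe):
            cur.append(cpe[i:i + 2])
            i += 2
        elif cpe[i] == ":":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(cpe[i])
            i += 1
    fields.append("".join(cur))
    return fields

def parse_cpe23(cpe):
    """Return (part, vendor, product, version) from a CPE 2.3 formatted string."""
    fields = split_fields(cpe)
    if len(fields) != 13 or fields[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    return tuple(fields[2:6])

def version_key(version):
    """Sort key: numeric components compare as integers, so 10.2 > 9.12."""
    if version in ("*", "-"):          # ANY / NA carry no version: rank lowest
        return ()
    parts = re.findall(r"[0-9]+|[A-Za-z]+", version)
    return tuple((0, int(p), "") if p.isdigit() else (1, 0, p.lower())
                 for p in parts)

def highest_per_product(cpes):
    """Keep one CPE per (part, vendor, product): the one with the highest version."""
    best = {}
    for cpe in cpes:
        part, vendor, product, version = parse_cpe23(cpe)
        key = (part, vendor, product)
        if key not in best or version_key(version) > version_key(parse_cpe23(best[key])[3]):
            best[key] = cpe
    return best

# Constructed sample mappings (not real inventory data).
SAMPLE = [
    "cpe:2.3:a:examplevendor:exampleapp:9.12.1:*:*:*:*:*:*:*",
    "cpe:2.3:a:examplevendor:exampleapp:10.2.0:*:*:*:*:*:*:*",
    "cpe:2.3:a:examplevendor:exampleapp:10.2:*:*:*:*:*:*:*",
    "cpe:2.3:a:othervendor:tool\\:suite:2.0:*:*:*:*:*:*:*",
]

if __name__ == "__main__":
    for key, cpe in highest_per_product(SAMPLE).items():
        print(key, "->", cpe)
```

A plain string comparison would rank 9.12.1 above 10.2.0, which is why the key compares components numerically.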
Enable or Disable VVS
The built-in vulnerability scanner can be turned off as required. To turn off Ivanti VVS, go to Admin > Settings > Virtual vulnerability scanner. Then, turn off the Enable virtual vulnerability scanner option.
Additionally, click the Delete VVS data option to delete all Ivanti VVS data.
It is recommended to turn off the Ivanti VVS if you are using a different security vulnerability scanner to detect exposures.