Vulnerability Knowledge Base (VULN KB): Overview

Summary: High-level overview of the Vulnerability Knowledge Base (VULN KB).

Overview

The Vulnerability Knowledge Base (VULN KB) is an add-on feature that provides detailed information and analysis on vulnerability intelligence. It is both comprehensive and actionable, presenting knowledge and insight about the latest security vulnerabilities (CVEs) and their associated weaknesses (CWEs). VULN KB brings a comprehensive and exhaustive list of vulnerabilities (CVE) in a single easy-to-consume interface ideal for security analysts and threat hunter personas.

VULN KB includes the following:

  • Dashboard

  • List Views for Vulnerabilities and Weaknesses

  • Comprehensive Filtering

  • Vulnerability Detail View

Navigation

The new VULN KB is accessible via a newly added menu option in the navigation bar labeled VULNERABILITY KB. The menu consists of the following three drop-down options.

  • Vulnerability KB Dashboard: A visual representation of Vulnerability and Weakness distributions with summary data and search capabilities.

  • Vulnerabilities: A list view that depicts individual Vulnerabilities (CVEs) and all associated threat data, including trending, ransomware, exploits, and more. Includes patch data and filtering capabilities.

  • Weaknesses: A list view that depicts individual Weaknesses (CWEs and OWASPs), including MITRE’s Top 25 and the OWASP Top 10, as well as affected CVE vulnerabilities. Includes filtering capabilities.

VULN KB - Menu Location

Within each of these new knowledge base views, an updated filtering system has been implemented, allowing you to more easily identify the weaknesses and vulnerabilities your organization should focus on.

Dashboard

The Vulnerability KB Dashboard provides insightful visualization on vulnerabilities, their threat context, and a comparison of their severity level as compared with RiskSense VRR. Dashboard widgets display top trending vulnerabilities and top vulnerabilities based on vendors. Vulnerability distributions based on software weaknesses (CWE) are also shown, with a focus on OWASP Top 10 and CWE Top 25. The dashboard can be filtered based on Vendors and CVE published year to view a more granular distribution of vulnerabilities.

VULN KB - Dashboard

List Views

VULN KB features two list views: Vulnerabilities and Weaknesses. The Vulnerabilities list view provides detailed information on all known vulnerabilities in the RiskSense database, regardless of context. This database is updated daily. The list view includes KRI cards, a complete list of CVE vulnerabilities, and a detailed pane. It is filterable using Quick Filters or a more detailed filtering system. The Weaknesses list view focuses on the full list of available software weaknesses (CWEs) as defined by MITRE and features the same filtering capabilities as the Vulnerabilities view.

VULN KB - Vulnerabilities List View

VULN KB - Weaknesses List View

Filtering

To quickly and easily identify the data your organization is interested in, two kinds of filtering functionality have been made available. Quick filtering is provided on the left side of the screen and allows easy application of commonly-used filters. At the top of the list view, a detail filtering option is provided that includes functionality to collect various filter categories by AND logic as well as OR logic. The OR capability can be used to enhance the types of filters and results that you are looking for. Up to three OR groups can be used in filtering to get more granular results with complex searches.

VULN KB - Filtering

Vulnerability Details

Clicking on a particular vulnerability’s identifier will open a detail page for that vulnerability. This page provides CVSS and VRR scores, an overview of the vulnerability, exploits, and malware associated with the vulnerability. It also provides information on affected products, including details such as vendors, affected product versions, and fixes and solution information.

VULN KB - Vulnerability Details