View information about the Vulnerabilities risk factor, which is determined by highly exploitable CVEs detected on your managed assets.
Trend Micro analyzes your environment to identify any high-priority vulnerabilities
in your
organization using global activity data, CVE information, and local detection activity
to produce
customized vulnerability assessment scores for each asset. The Vulnerabilities risk
factor
contributes to the Exposure Index.
Trend Micro sources CVE information from the National Vulnerability Database (NVD)
and security
advisories issued by major software vendors, such as Microsoft and Red Hat. The NVD
sometimes
publishes information later than the vendors of affected products, which might result
in delayed
CVE assessment results in Trend Vision One.
The Vulnerability Assessment service scans endpoints for vulnerabilities related to
the
operating system, applications on Windows devices, and ECR container images. For more
information
about the specific operating systems supported by Vulnerability Assessment, see Vulnerability Assessment supported operating systems. For more
information about supported language packages used in ECR container images, see Vulnerability Assessment supported language
packages
On Windows devices, Vulnerability Assessment updates between 10 minutes and 1 hour
after an
operating system vulnerability is patched and applications are scanned once per day.
On Linux
devices, Vulnerability Assessment scans for vulnerabilities once per day.
The following table outlines the widgets available in the
Vulnerabilities section.
Widget
|
Description
|
||||
Vulnerability Management Metrics
|
View information about CVEs and operating system vulnerabilities effecting your
organization.
|
||||
Highly Exploitable Unique CVEs
|
Lists devices, hosts, containers, and cloud VMs with highly exploitable CVEs.
The tabs of the Highly-Exploitable Unique CVEs widget display CVEs
detected on your internal and internet-facing assets, as well as containers and cloud
VMs.
Mitigating the vulnerabilities with the highest CVE impact score, global exploit activity,
or CVSS score is an effective way to reduce the Risk Index.
|
The following table describes the risk indicators associated with the
Vulnerabilities risk factor.
Indicator
|
Description
|
Data Sources
|
Target
|
OS vulnerability
|
The detection of exploitable operating system
vulnerabilities on the endpoint
|
|
|
Application vulnerability
|
The detection of exploitable application vulnerabilities
on the endpoint
|
|
|
Zero-day vulnerability
|
The detection of exploitable zero-day vulnerabilities on the endpoint
|
|
|