View information about the Vulnerabilities risk factor, which is determined by CVEs detected on your managed assets.
Trend Micro uses global activity data, CVE information, and local detection activity
to analyze your environment and produce customized vulnerability assessment scores
for each asset. The Vulnerabilities risk factor contributes to the Exposure Index.
Trend Micro sources CVE information from the National Vulnerability Database (NVD)
and security
advisories issued by major software vendors, such as Microsoft and Red Hat. The NVD
sometimes
publishes information later than the vendors of affected products, which might result
in delayed
CVE assessment results in Trend Vision One.
The Vulnerability Assessment service scans endpoints for vulnerabilities related to
the operating system, applications on Windows devices, ECR container images, cloud
VMs, and serverless functions. For more information about the specific operating systems
supported by Vulnerability Assessment, see Vulnerability Assessment supported operating systems. For more information about supported language packages used in ECR container images,
see Vulnerability Assessment supported language
packages.
On Windows devices, Vulnerability Assessment updates between 10 minutes and 1 hour
after an operating system vulnerability is patched. Applications are scanned every
ten minutes. On Linux devices, Vulnerability Assessment scans for vulnerabilities
once per day.
ImportantTo start receiving vulnerability data in Trend Vision One, you must first connect
one or more vulnerabilities data sources. For more information, see Vulnerability Assessment.
|
The following table outlines the widgets available in the
Vulnerabilities section.
Widget
|
Description
|
||||
Vulnerability Management Metrics
|
View information about CVEs and operating system vulnerabilities affecting your organization.
|
||||
Detected Vulnerabilities
|
Lists devices, internet-facing assets, containers, cloud VMs, and serverless functions
with CVEs.
The tabs of the Detected Vulnerabilities widget display CVEs detected on your internal and internet-facing assets, containers,
cloud VMs, and serverless functions. Mitigating the vulnerabilities with the highest
CVE impact scores, global exploit activity, or CVSS scores is an effective way to
reduce the Risk Index.
|
The following table describes the risk indicators associated with the
Vulnerabilities risk factor.
Indicator
|
Description
|
Data Sources
|
Target
|
OS vulnerability
|
The detection of exploitable operating system
vulnerabilities on the endpoint
|
|
|
Application vulnerability
|
The detection of exploitable application vulnerabilities
on the endpoint
|
|
|
Zero-day vulnerability
|
The detection of exploitable zero-day vulnerabilities on the endpoint
|
|
|