On the Home page, Cisco Vulnerability Management's Threat Drawer provides insight into highly targeted exploits that could result in a breach. The graph indicates which vulnerabilities are being attacked and exploited successfully, how often, and whether attacks are trending up or down week by week. It uses CVEs that are breached and attacked to provide security analytics that expose which threats will be the most critical now, and over time.
The Threat Drawer is located on at the bottom of the Home Page.
Click the “Show” arrow to open a drawer that will display the following graph.
Hovering over an individual bubble will open a pop-up window that displays pertinent information, such as the CVE, percent change since the last week, volume (number) of attacks, and a brief description of the CVE.
In this example, CVE-2020-0601 Windows CryptoAPI Spoofing vulnerability (Crypt32.dll) from early 2020 shows an increase of 19% since last week.
If you click one of these CVEs, Cisco Vulnerability Management automatically takes you to view that vulnerability in your environment if it exists. If the vulnerability does not exist in your environment, Cisco Vulnerability Management takes you to a page with 0 assets, 0 vulnerabilities, and 0 fixes which signifies that you do not have the vulnerability (open) in your environment.
Also, if you’d like to navigate back historically and view previous weeks, you can use the arrows on the left and right-hand sides to navigate through the trends historically one week at a time.
Comments
Please sign in to leave a comment.