Fixes, Fix Groups, and Top Fix Groups

Fixes

The fixes view will show all available fixes for the vulnerabilities/assets being displayed in the Explorer view. Fixes are sorted by the number of associated vulnerabilities:

Screen_Shot_2017-08-15_at_10.04.40_PM.png

Each Fix displays all of the related CVEs and each of the assets affected by those CVEs. We also include diagnosis (a brief description of the vulnerability), consequence (what a successful exploit could result in or allow an attacker to do), and solution (how, specifically, to remediate the vulnerability), based on vendor data.

Users can filter by risk score and threat vectors to display the highest risk items and view the number of assets and vulnerabilities that would be involved in the remediation. 


Top Fix Groups

For each Kenna Risk Meter group report, Kenna provides up to 10 Top Fix Groups, which contains a list of the 10 largest risk reduction Fix Groups for that Risk Meter:

The Top Fix Groups view for a Risk Meter contains its current Risk Score, along with the lower score that the Risk Meter would move to after remediating all vulnerabilities in a specific Fix Group. These are sorted by largest risk reduction, left to right, with a button on the right side to move to the second page of Top Fixes:



In the example above, remediating the vulnerabilities for all 3 listed Fixes will reduce the current risk score of 680 by 11 points, down to a new score of 669.

All of the Top Fix Groups (not just the one currently displayed) can be exported in this view by clicking the "Export CSV" button to the right.

Powered by Zendesk