Kenna.VI is a comprehensive research tool that provides access to a wealth of threat intelligence as it relates to your environment and the external environment. This encompasses the entire universe of CVEs. Kenna.VI has two variants:
- Kenna.VI: Shown in the UI portion below
- Kenna.VI+: Provides access to the Threat Intel API
Navigating the New VI Tab
From the new VI tab, you can access the five filtering facets as they relate to identified vulnerabilities.
You can select any of the above facets to filter the vulnerabilities based on one of or more the options.
In the Search bar, you can enter the specific CVE-20XX-XXXX to access information related to that vulnerability.
You also have the ability to search on a growing list of items. (For full search bar terms click the ? icon.)
You can also use the Vulnerability Filters option to adjust the parameters based on the Kenna Risk Score and/or CVSS Base score.
You can choose to list vulnerabilities based on the publication date or score (ascending or descending).
Viewing Individual CVE information
Click on the CVE link or the arrow to explore the specific CVE further.
By default, the CVE page opens with the Description link open. This provides an overview of the CVE. Also listed are the Fix, Exploits, and Malware links of the CVE.
You can see the Kenna Risk Score, the vulnerability categories, and the CVSS data.
The CVE Published and Updated on dates are also listed.
Clicking the Fix link displays any associated fixes that have been identified and can be employed.
This page provides details associated with the identified fix including any relevant Knowledge Base articles.
Clicking the Exploits link provides additional information on whether the vulnerability has been weaponized and the source of the exploit.
Clicking the Malware link shows all the associated malware including their identifiers (SHA256, SHA1, and MD5).