Vulnerability Graph
Introduction
The Vulnerability Graph feature is designed for security professionals seeking to enhance their application security management. By providing a centralized view of vulnerabilities, the Vulnerability Graph streamlines the process of identifying, prioritizing, and remediating security risks effectively.
View Vulnerability Graph
Perform the following steps to view the Vulnerability Graph:
1. Click "AppSecOps" on the Main Menu
On the left navigation pane, click AppSecOps.
2. Click "Vulnerability Graph"
Click Vulnerability Graph.
3. View "Vulnerability Graph"
View the Vulnerability Graph. The vulnerability graph is an extensive network diagram that helps you understand your security posture. It illustrates supply chain vulnerabilities, showing their presence and prevalence in software components and their location within your infrastructure. Furthermore, it visualizes infrastructure vulnerabilities, misconfigurations, and threats found in your cloud resources, along with their interdependencies, and contextualizes all issues to the organizational hierarchy.
4. Click a Circle
You can click a circle (or node) to see its network.
Note: You can use ADD+ to apply filters and view specific details.
5. Click on a Misconfiguration
The Vulnerability Graph now shows the misconfiguration data available from CoreStack's policy configurations. To view misconfiguration details, click a project, then click a container, and then click a dot that corresponds to a misconfiguration.
6. View Misconfiguration Details
When a user clicks a misconfiguration, the "Misconfiguration details" screen opens and shows the following details: Policy Name, Policy Description, Recommendation, Resource Category, Resource Type, Resources, Resource ID, Resource Name, Region, Resource Group, Cloud Provider, Source, and Severity.
Note: In the Misconfiguration details screen, users can use the search box to find specific details and the download icon to download a copy of the misconfiguration details.
7. Click a Vulnerability Point
To view vulnerability details on the network graph, users can click on "Component" and then click on a vulnerability point that appears.
8. View Vulnerability Details
The Vulnerability Details screen opens and shows details in these columns: Issue ID, Created Date, Modified Date (NVD), CVSS, Is KEV, and Severity. Users can click an issue ID to view further details.
9. View CVE Details
A new screen opens where users can view CVE-related details. Users can navigate to the Basics, Scores & Vectors, and Reference Links tabs to view detailed vulnerability information.
10. Add Filters
Users can click ADD+ and apply a filter to view specific details. To add a filter, click ADD+, select a filter, select values for the filter from the drop-down, and click Ok.
Page Views
Users can apply filters and create their own page views. The next time they visit the Vulnerability Graph page, the page view they applied is shown.
Perform the following steps to add/update/reset/delete page views:
1. Create New View
To add a new page view, click the ellipses and select Create New View.
2. Save the View
In the Create New View dialog box, in the Name box, enter the name of the view and then click Save. The new view is saved.
3. Reset View or Update View
To reset a page view, click the ellipses and select Reset View. A confirmation message appears.
To update a page view, update the custom filters, click the ellipses, and select Update View. A confirmation message appears.
4. Delete a View
To delete a page view, click the View drop-down list, and click the bin icon next to the view that needs to be deleted.