The Groupings tab on the Threat and Vulnerability Preferences page lets you view entities affected by a vulnerability, grouped by attributes. Entities can be grouped by:
- App Vendor;
- App OS;
- App Version;
- Entity Type;
- Entity Subtype;
- Criticality;
- Custom String 1-25;
- Hierarchy Level 1-15;
- Hardware Product;
- Hardware Vendor;
- Hardware Version;
- Owner;
- OS Name;
- OS Vendor;
- OS Version.
This allows you to analyze a vulnerability from different many different perspectives to check the effect of a vulnerability.
You can combine different attributes or select one or more hierarchy levels to create a grouping. Creating a grouping using one or more hierarchy levels requires an understanding of the groupings behavior for each hierarchy level.
- Selecting entities to group by organizational hierarchy level displays the affected entities in that level and below that level. For example, if you select Level 1, the affected entities will be grouped by Group A, Group B, Group C, Group D, Group E, Group F, and Group G.
- Selecting entities grouped by levels that are adjacent to each other will display the affected entities in separate groups for each path. For example, if you select hierarchy Level 1 to Level 3, the affected entities are displayed in the following groups: Group A, Group B, and Group E; Group A, Group C, and Group F; Group A, Group D, and Group G.
- Selecting entities grouped by levels that are not adjacent to each other will display the affected entities in the lowest hierarchical level group. For example, if you select Level 1 and Level 3, the affected entities are displayed in the following groups: Group E, Group F, and Group G.
- Affected entities belonging to one or more groups appear multiple times, one for each subgroup to which it belongs.
Rebuild Grouping Cache: Allows you to rebuilds all entity groups from the beginning.
Update Grouping Cache: Allows you to update all entity groups from the last timestamp.