Vulnerabilities represent a potential hole in your system that can be exploited and used for malicious purposes. Feeds, such as the National Vulnerability Database (NVD) or iDefense, report new vulnerability definitions on a regular basis. Vulnerability definitions are usually mapped to descriptions in the Common Vulnerabilities Enumeration (CVE), but sometimes definitions arrive without CVE identifiers as "early warnings."
Vulnerabilities that apply to your specific entities and technologies are considered actual, rather than inferred, vulnerabilities. When you acknowledge a new vulnerability definition as applying to your system, you will be the owner of the vulnerability instance. You can assign a different owner as needed.
The Threat Management menu includes predefined vulnerability reports, such as:
- My Vulnerabilities
- Vulnerabilities from Scanners or Users
- Inferred Vulnerabilities
- Scanner & Inferred Vulnerabilities (includes user-entered vulnerabilities)
- Exploits
- All Vulnerabilities
- Recent Vulnerabilities
- Recent Vulnerabilities of Interest
In addition, the Vulnerabilities Dashboard provides an overview of new vulnerabilities and their resolution.
