 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>UserGuide>VulnerabilityAssessment (06 Jun 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Sheriff CSM™
Sheriff CSM architecture.
The Sheriff CSM Server controls vulnerability scanning on Sheriff CSM Sensors (Deputies). It scans assets in specific networks.
You can select which sensor should scan which network. Alternatively, you can also specify that the first available sensor in your Sheriff CSM deployment performs the scanning.
You cannot modify the risk factor assigned to each vulnerability. However, you can configure a ticket to be generated when the risk factor reaches a certain value. This value is called Vulnerability Ticket Threshold in Sheriff CSM. See Changing the Vulnerability Ticket Threshold for more information.
Previous Next Sheriff CSM™
Vulnerability Assessment
Sheriff CSM delivers vulnerability assessment as part of a complete package of security monitoring and management capabilities for efficient threat detection. Because to improve security in your network, you first need to know what is vulnerable.
What Is Vulnerability Assessment?
Vulnerability assessment is a functionality used for defining, identifying, classifying and prioritizing the vulnerabilities in your system.
Sheriff CSM architecture.
The Sheriff CSM Server controls vulnerability scanning on Sheriff CSM Sensors (Deputies). It scans assets in specific networks.
You can select which sensor should scan which network. Alternatively, you can also specify that the first available sensor in your Sheriff CSM deployment performs the scanning.
Vulnerability Assessment in Sheriff CSM
The Sheriff CSM Sensor has a built-in vulnerability scanner that you can use to detect vulnerabilities in critical assets. You then use these discovered vulnerabilities in cross-correlation rules, and when creating compliance and auditing reports.The Sheriff CSM Server controls the following scanning functions by the Sheriff CSM Sensor:
- Running and scheduling vulnerability scans
- Generating and examining reports
- Updating vulnerability signatures
Vulnerability Risk Factors
Discovering a vulnerability by itself is important, but can be of little use without the ability to estimate the associated risk to an asset. For this reason, Sheriff CSM assigns a risk factor to each vulnerability found in the system, which corresponds with the Common Vulnerability Scoring System (CVSS) v2.0 severity ratings provided by the National Vulnerability Database (NVD). Sheriff CSM also compares the detected vulnerability with the Common Vulnerabilities and Exposures (CVE) list and associates it with the CVE ID when a match is found. Vulnerability Risk Factors and CVSS Scores| Risk Factor | CVSS Scores |
|---|---|
| High | 7.0 – 10.0 |
| Medium | 4.0 – 6.9 |
| Low | 0.0 – 3.9 |
| Info | 0.0 and no CVE associated |
Edit | Attach | Print version | History: r13 < r12 < r11 < r10 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r13 - 06 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.