Cisco Cisco FirePOWER Appliance 8250
38-51
FireSIGHT System User Guide
Chapter 38 Working with Discovery Events
Working with Third-Party Vulnerabilities
Step 1
Select
Analysis > Search
.
The Search page appears.
Step 2
From the
Table
drop-down list, select
Vulnerabilities
.
The page reloads with the appropriate constraints.
Step 3
Optionally, if you want to save the search, enter a name for the search in the
Name
field.
If you do not enter a name, one is created automatically when you save the search.
Step 4
Enter your search criteria in the appropriate fields.
If you enter multiple criteria, the search returns only the records that match all the criteria. Click the add
icon (
icon (
) that appears next to a search field to use an object as a search criterion.
Step 5
If you want to save the search so that other users can access it, clear the
Save As Private
check box.
Otherwise, leave the check box selected to save the search so that only you can use it.
If you want to use the search as a data restriction for a custom user role, you must save it as a private
search.
search.
Step 6
You have the following options:
•
Click
Search
to start the search.
Your search results appear in the default vulnerabilities workflow. To use a different workflow,
including a custom workflow, click
including a custom workflow, click
(switch workflow)
. For information on specifying a different
default workflow, see
.
•
Click
Save
if you are modifying an existing search and want to save your changes.
•
Click
Save as New Search
to save the search criteria. The search is saved (and associated with your
user account if you selected
Save As Private
), so that you can run it at a later time.
Working with Third-Party Vulnerabilities
License:
FireSIGHT
The FireSIGHT System includes its own vulnerability tracking database which is used, in conjunction
with the system’s fingerprinting capability, to identify the vulnerabilities associated with the hosts on
your network.
with the system’s fingerprinting capability, to identify the vulnerabilities associated with the hosts on
your network.
If your organization can write scripts or create command line import files to import network map data
from third-party applications, you can import third-party vulnerability data to augment the system’s
vulnerability data. For more information, see the FireSIGHT System Host Input API Guide.
from third-party applications, you can import third-party vulnerability data to augment the system’s
vulnerability data. For more information, see the FireSIGHT System Host Input API Guide.
To include imported data in impact correlations, you must map third-party vulnerability information to
the operating system and application definitions in the database. You cannot map third-party
vulnerability information to client definitions.
the operating system and application definitions in the database. You cannot map third-party
vulnerability information to client definitions.
For more information, see:
•
•
•