Cisco Cisco FirePOWER Appliance 7020
38-52
FireSIGHT System User Guide
Chapter 38 Working with Discovery Events
Working with Third-Party Vulnerabilities
Viewing Third-Party Vulnerabilities
License:
FireSIGHT
After you use the host input feature to import third-party vulnerability data, you can use the Defense
Center to view a table of third-party vulnerabilities. Then, you can manipulate the event view depending
on the information you are looking for.
Center to view a table of third-party vulnerabilities. Then, you can manipulate the event view depending
on the information you are looking for.
The page you see when you access third-party vulnerabilities differs depending on the workflow you use.
There are two predefined workflows. You can also create a custom workflow that displays only the
information that matches your specific needs. For more information, see
There are two predefined workflows. You can also create a custom workflow that displays only the
information that matches your specific needs. For more information, see
The following table describes some of the specific actions you can perform on a third-party
vulnerabilities workflow page. You can also perform the tasks described in the
vulnerabilities workflow page. You can also perform the tasks described in the
table.
To view third-party vulnerabilities:
Access:
Admin/Any Security Analyst
Step 1
Select
Analysis > Vulnerabilities > Third-Party Vulnerabilities
.
The first page of the default third-party vulnerabilities workflow appears. To use a different workflow,
including a custom workflow, click
including a custom workflow, click
(switch workflow)
. For information on specifying a different default
workflow, see
.
Tip
If you are using a custom workflow that does not include the table view of third-party vulnerabilities,
click
click
(switch workflow)
, then select
Vulnerabilities by Source
or
Vulnerabilities by IP Address
.
Understanding the Third-Party Vulnerabilities Table
License:
FireSIGHT
When you import third-party vulnerability information using the host input feature, the system stores
that information in its database. The fields in the third-party vulnerabilities table are described in the
following table.
that information in its database. The fields in the third-party vulnerabilities table are described in the
following table.
Vulnerability Source
The source of the third-party vulnerabilities, for example, QualysGuard or NeXpose.
Table 38-12
Third-Party Vulnerability Actions
To...
You can...
learn more about the contents of the
columns in the table
columns in the table
find more information in
.
view the vulnerability details for a
third-party vulnerability
third-party vulnerability
click the view icon (
) in the SVID column. Alternatively,
constrain on the vulnerability ID and drill down to the
vulnerability details page. For more information, see
vulnerability details page. For more information, see
.