The VMDR Prioritization Report allows you to automatically identify the vulnerabilities that pose material risk to your organization and business. It does so by correlating vulnerability information with threat intelligence and asset context to zero in on the highest risk vulnerabilities.
Indicators such as Exploit, Actively Attacked, and Wormable bubble up current vulnerabilities that pose risk while the “Predicted High Risk” indicator uses machine learning models to highlight vulnerabilities most likely to become material risks, providing multiple levels of prioritization.
The VMDR prioritization report:
- Empowers security analysts to pick and choose the relevant threat indicators. For example, if an organization has financial data of users, they can prioritize vulnerabilities based on ‘High Data Loss’ indicator to first identify and remediate vulnerabilities that may result in data exfiltration, if exploited.
-Helps you identify the specific patch that fixes a particular vulnerability.
-Reduces remediation time by deploying the patch from the same platform in an integrated workflow, at the click of a button.
Using real-time threat intelligence, you can detect which vulnerabilities to remediate first. Indicate the most critical threats and prioritize patching.
Before you start generating the VMDR prioritization report, ensure that you have gathered the vulnerability posture for the assets. You could build your asset inventory using cloud agents or other methods such as scanners, Passive Sensor, Cloud Inventory, Container Inventory, Mobile Device Inventory. All the assets identified by cloud agents and sensors are listed in the Vulnerabilities tab. Refer to VMDR online help for more information.
1. Go to Prioritization > Reports and click Create Report. If you are generating the report for the first time, click on the Prioritization tab.
2. Select the Asset tags to narrow down your prioritized list to vulnerabilities associated with the assets you select.
3. Select the various filters for Threat Prioritization Report. Show me
Detection Age: Select detection age ranges (0-30, 31-60, etc.) to include in the report. The Detection age is based on when the vulnerability was first detected (by a scanner or cloud agent).
Real-Time Threat Indicators: Select the Real-Time Threat Indicators (RTIs) that you’re interested in. Your report will include vulnerabilities that match *any* of the selected RTIs. Learn more
Attack Vectors: Select these filters to remove vulnerabilities from the report that aren’t the highest priority so you can focus on what’s most critical to your organization. Learn more
4. Click Prioritize Now to enable the threat intelligence to prioritize the riskiest vulnerabilities on your network for the assets you selected.
Once you generate the report, you could proceed with patching the vulnerabilities, export the report in the form of a widget to Thread Protection dashboard or download the report in CSV format.
How to Read The Report | Export Report to Dashboard | Download Report