After deploying sensors on workloads, you can view the vulnerability data within few minutes. You can review security vulnerabilities and use this information to schedule maintenance windows for patches or updates.
You view all vulnerabilities for your workloads while logged in to the Carbon Black Cloud console and navigating to the tab.
The Inventory > VM Workloads > Enabled tab provides a quick view of workload vulnerabilities as well. Double-click a row and view all of the vulnerable processes running on the selected VM in the Vulnerabilities section, part of the VM's details panel.
VMs can have multiple vulnerabilities, each with different CVSS score. Based on this score, vulnerabilities are filtered on the level of severity - critical, important, moderate, or low. The higher the score, the higher the severity.
Critical severity is the default filter. To view all vulnerabilities irrespective of their severity, click All. This view shows the count of all vulnerabilities across all assets and products - operating systems (OS), apps, and versions.
Depending on how you want to view the vulnerability data, you can select either the VMs view or the Vulnerabilities view from the View by drop-down menu.
VMs View
After you navigate to the tab, the VMs view is available by default. Here you can filter the data by OS (Windows or Linux) and manage the data the sensors gather from all VMs in your environment. Double-click an asset row or click the > icon to view more information on related vulnerabilities in the expanded Vulnerabilities details panel. To view the updated vulnerability data immediately, click Reassess now from the Vulnerabilities details panel.
Vulnerabilities View
Once you navigate to the tab, select the Vulnerabilities view from the View by drop-down menu. While in the Vulnerabilities view, you can use the Type drop-down menu to filter data based on App or OS. Use the OS drop-down menu to filter data based on Windows or Linux.
OS-level and App-level vulnerabilities for Windows VMs are discovered through the OS details and security patches applied on each VM. OS- level and App-level vulnerabilities for Linux VMs are discovered through the OS details and the list of all installed packages. When the security patch associated with vulnerability is not applied or the package installed is detected to be vulnerable, the system flags the VM as vulnerable. For details on how to remediate a vulnerability, see Resolve Vulnerabilities.
