Last Updated: 10/25/2023
Overview
There are 2 areas in the NopSec platform that contain vulnerability details.
As a quick reminder, Vulnerabilities within the NopSec platform are dependent on the specific scanners you've integrated as several provide a concept of a "plugin" or "vulnerability" which may be a roll up of several CVEs in one. Vuln Instances are the specific CVE for a Vulnerability seen on a specific Target. For more details read the Onboarding article on Vulnerability vs Vuln Instance.
The following steps will guide you through viewing asset details in the NopSec Platform:
Default Prioritize View:
- By default you will be taken to the “Prioritize” page when logging into the Nopsec Platform. The Prioritize page will provide a summary view of the most recent vulnerability ingested from your scanners. Column headers can be dragged and dropped to provide a more customized view of the data.
Vuln Instance Details Page:
- At the top right of your console select “Vuln Instances” next to the “Group By” option.
- Click on the “eye” icon located on the first column of the table, next to the checkbox, to access the vulnerability instance details pop out page.
- Use the tabs within the page to view additional details to include:
- References - Additional links and information including deep links, known malware and exploitability data.
- Target - Includes asset metadata and any tags.
- Threat Intel - Additional threat intelligence references.
- Notice that each vuln instance has a specific Target associated with it.
- The way you identify a vuln instance is by taking the Target Name, Target Location, and the specific Vuln Scanner ID.
- For Qualys integrations, the Vuln Scanner ID is the Qualys ID (QID).
- The way you identify a vuln instance is by taking the Target Name, Target Location, and the specific Vuln Scanner ID.