IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Get started with CNVM Frequently asked questions (FAQ) »
Elastic Docs Elastic Security Solution [8.8] Cloud native security Cloud native vulnerability management

Findings

edit

Findings

edit

The vulnerabilities findings page displays the vulnerabilities detected by the CNVM integration. CNVM findings include metadata such as the CVE identifier, CVSS score, severity, affected package, and fix version if available, as well as information about impacted systems.

To help you prioritize remediation efforts, you can filter and sort your findings based on these fields. Clicking on a finding provides a detailed description of the vulnerability, and any available remediation information.

The Vulnerabilities tab of the Findings page

Group and filter findings

edit

You can filter vulnerability data in two ways:

  • The KQL search bar: Use this to filter your findings. For example, search for vulnerability.id : CVE-2019-00001 to view all findings related to a particular vulnerability.
  • In-table value filters: Hover over a vulnerability CVE ID to display available inline actions. Use the Filter In (+) and Filter Out (-) buttons.

Learn more about a vulnerability

edit

Click the arrow to the left of a vulnerability’s row to open the vulnerability flyout. This will display the detailed vulnerability description, link to the National Vulnerability Database (NVD), vulnerability publication date, identified data sources, and CVSS vector strings.

Remediate vulnerabilities

edit

To remediate a vulnerability and reduce your attack surface, update the affected package if a fix is available.

« Get started with CNVM Frequently asked questions (FAQ) »