VulnIQ Vulnerability Manager Documentation

Please see bundled help pages for current and detailed documentation.

Scans

Terzi supports two types of data collection actions on endpoints:

  • System Info: Collects only operating system information, installed packages and similar system information
  • Scan: In addition to system information, runs a full vulnerability scan

You can see Scans and System Information collections using the Scans link in the main menu. Scans can be filtered using various attributes such as hostnames, start-end times.

Scan details contains three main tabs: OS & Software, Scan Metadata and Findings. Findings tab is only available for Scans and contains the list of discovered issues.

You can view full details of scan findings, verification actions including OVAL interpreter logs by clicking "Scan Details" link for each Finding.

Assets

An asset inventory will be automatically created from processed scan results. By default assets will be named based on collected hostnames.

Docker containers will be named as follows:

Hostname_of_the_host_machine > container_name
For example asset name for a docker container named "rhel_7_web_1" running on host "srv11.example.com" will be
srv11.example.com > rhel_7_web_1
where the asset name for the host will be
srv11.example.com

Operating Systems

An operating system inventory will be automatically created from processed scan results. You can browse assets and software inventory by operating systems.

Software Inventory

Installed software collected by Terzi will be automatically processed and a software inventory will be created. The inventory contains a list of all software packages installed on any asset.

You can browse versions of software packages, see on which assets they are installed and instantly view their current vulnerabilities and all other related data processed by VulnIQ Information Engine.

Vulnerabilities

An inventory of current vulnerabilities affecting your organization will be automatically created from Terzi and third party scan results.

You can also generate vulnerability reports affecting software in your inventory. As long as the software inventory is up to date, this will give you a quick overview of vulnerabilities that might affect your organization.

Vulnerability Remediation

VulnIQ is built using an API first approach and this is one of the key areas where APIs help immensely. You can continue using your existing task management system to manage vulnerability remediation tasks by integrating it with VulnIQ Vulnerability Manager using the APIs.

VulnIQ Vulnerability Manager also provides built-in task management and remediation functionality for customers that don't want to use an external task management system.