Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Platform Function Guides
    • Saner Device Management User Guide
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to create a new user in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in SanerNow?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall SanerNow Agent using SanerNow Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy SanerNow Agent using SanerNow Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in SanerNow?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • FAQs
    • Saner CVEM Technical FAQs
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Saner Cloud Deployment Guides
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Protected: Onboarding with AWS Credentials(Least Recommended Method)
      • Protected: Onboarding with AWS Role(Manual)
      • Protected: Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
  • Learn About
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Saner Plasma AI Assistant for Seamless User Interaction
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • User Guides
    • Cloud Security Remediation Management(CSRM) User Guide
    • Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Tell Me How
    • Protected: How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Troubleshoot or Analyze with Critical Activity Logs?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Patch Remediation from CIEM Dashboard?
    • CSRM
      • Protected: How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
  • Frequently Asked Questions
    • Saner Cloud Technical FAQs
  • Saner Cloud Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Security Intelligence for Saner Cloud
    • Infrastructure Entitlement Checks in AWS and Azure
      • Implementing Infrastructure Entitlement Checks in Azure
      • Implementing Infrastructure Entitlement Checks in AWS
    • Posture Anomaly Checks in AWS and Azure
      • Implementing Posture Anomaly Checks in AWS
      • Implementing Posture Anomaly Checks in Azure
    • Benchmark Compliance Rules in AWS and Azure
      • Implementing Benchmark Compliance Rules in Azure
      • Implementing PCI DSS 3 2 1 Regional in AWS
      • Implementing CIS 3 0 0 in AWS
      • Implementing HIPAA HITRUST Rules
      • Implementing PCI DSS 3 2 1 Global Rules in AWS
      • Implementing NIST 800 53 rev 5 Global Rules in AWS
      • Implementing SecPod Global Rules in AWS
      • Implementing CIS 3 0 0 Regional in AWS
      • Implementing CIS 4 0 0 Regional
      • Implementing SOC 2 in AWS
      • Implementing CIS 4 0 0 in AWS
      • Implementing NIST 800 53 rev 5 Rules in AWS
      • Implementing SecPod Regional Rules in AWS
      • Implementing SecPod Default Rules in AWS
      • Implementing NIST 800 53 rev 5 Regional in AWS
      • Implementing PCI DSS 3 2 1 in AWS
      • Implementing CIS 4 0 0 Global in AWS
      • Implementing CIS 3 0 0 Global Rules in AWS
      • Implementing SOC 2 Global Rules in AWS
      • Implementing SOC 2 Regional Rules in AWS

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner CVEM Guide
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to align with NIST 800-53 security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with PCI security compliance management?
      • How to custom create a security policy?
      • How to run a compliance scan?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to specify Service Level Agreement (SLA) using Remediation SLA in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to investigate DNS cache on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to collect all software licenses in Windows systems?
      • How to collect environment variables set in all operating systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect all software licenses in Mac systems?
      • How to collect DNS information on Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to delete and quarantine a file?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Windows systems?
      • How to perform system tuning?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to check wireless security in Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to collect all the important missing patches in Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check password policy set in Windows systems?
      • How to collect all security events from Windows Events Log?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence

  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • OVAL Definitions Family-wise Distribution
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Platform Coverage
View Categories
  • Home
  • Docs
  • Saner CVEM
  • Saner CVEM Products
  • Saner CVEM Risk Prioritization User Guide

Saner CVEM Risk Prioritization User Guide

Print Friendly, PDF & Email

Overview

We’ve introduced the Saner Risk Prioritization tool to help you identify and prioritize the most severe vulnerabilities that need immediate remediation amongst the myriad of vulnerabilities present in your organization.

Patching all the vulnerabilities is quite often a daunting task for IT teams. However, with the Saner Risk Prioritization tool, you can prioritize patching the critical vulnerabilities first and then focus on the less severe ones. Sane Risk Prioritization uses the Stakeholder-Specific Vulnerability Categorization(SSVC) framework to categorize risks into four categories: Act, Attend, Track*, and Track. At the same time, Saner Risk Prioritization allows you to perform a deeper exploitation analysis of the risks by leveraging SecPod’s proprietary machine-learning algorithm.

Saner Risk Prioritization tool integrates perfectly into the existing ecosystem of Saner products – this means that you can fix the risks (both vulnerabilities and misconfigurations detected) identified in your IT infrastructure using Saner tools such as Saner PM and CM.

Pre-requisites for Saner Risk Prioritization

You must have an active subscription to either of the following Saner tools:

  1. Saner Patch Management (PM).
  2. Saner Compliance Management (CM).
Note
An active subscription to both the Saner PM and CM tools is needed. The Saner PM tool will help remediate any vulnerabilities, while the Saner CM tool will help fix misconfigurations.

Access Saner Risk Prioritization

You can access the Saner Risk Prioritization tool in two ways.

Launch the Saner Risk Prioritization tool from the Prioritization pane

Follow the below steps to access the Saner Risk Prioritization tool.

1: Log in to the Saner web console.. On the Organization Unified Dashboard, select the Account you want to work with.

2: In the Account level dashboard, scroll to the Prioritization section and click the RP icon on the right.

3: You will be re-directed to the Saner Risk Prioritization dashboard.

Launch the Saner Risk Prioritization tool from the Saner tools menu button

Follow the below steps to access the Saner Risk Prioritization tool.

1: Log in to the Saner portal. On the Organization Unified Dashboard, select the Account you want to work with.

2: Click the Saner tools menu button located at the top. Then click the Risk Prioritization icon.

3: You will be re-directed to the Saner Risk Prioritization dashboard.

Get Started with Saner Risk Prioritization

We recommend answering the Configuration questions before using the Saner Risk Prioritization tool. Answering the questionnaire helps the Saner Risk Prioritization tool categorize risks effectively and produce accurate results.

Follow the below steps to configure the questions for the Saner Risk Prioritization tool.

1: Click the gear icon on the top right of the Saner Risk Prioritization dashboard.

2: A screen with the list of questionnaires appears. On this screen, the questions marked with red are mandatory. And it is recommended that you answer these questions. If you don’t provide an answer to the required questions, Saner Risk Prioritization will assume the default values in this case. However, this may lead to inaccurate prioritization of risks.

A green check mark appears next to the question you provided answers to.

Saner Risk Prioritization Dashboard

View Prioritized Risks in the Account

The top pane in the Saner Risk Prioritization dashboard displays the most severe risks found in the Account. Saner Risk Prioritization performs an automatic scan on the Account regularly and categorizes the identified risks into four categories using the Stakeholder-Specific Vulnerability Categorization(SSVC) framework. The categories are as follows:

  • Track: The vulnerability does not require action currently. The organization would continue tracking and reassessing the vulnerability if new information becomes available. Cybersecurity & Infrastructure Security Agency recommends remediating Track vulnerabilities within standard update timelines. 
  • Track*: The vulnerability contains specific characteristics that may require closer monitoring for changes. Cybersecurity & Infrastructure Security Agency recommends remediating Track* vulnerabilities within standard update timelines. 
  • Attend: The vulnerability requires attention from the organization’s internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability and may involve publishing a notification either internally and/or externally. Cybersecurity & Infrastructure Security Agency recommends remediating Attend vulnerabilities sooner than standard update timelines. 
  • Act: The vulnerability requires attention from the organization’s internal, supervisory-level, and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability and publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and execute agreed-upon actions. Cybersecurity & Infrastructure Security Agency recommends remediating Act vulnerabilities as soon as possible.

Clicking on each category – Act, Attend, Track*, and Track will take you to the Prioritized Risks screen, where you get a detailed view of the risks.

Get a detailed view of the prioritized risks in the Account

The Prioritized Risks pane displays all the risks – vulnerabilities and misconfigurations in the Account. You can toggle between vulnerabilities and misconfigurations using the button on the left of the Prioritized Risks pane.

Similarly, you can filter the risks according to their category. The category checkboxes placed on the top right of the Prioritized Risks pane help you display risks belonging to each category: Act, Attend, Track*, and Track.

The Prioritized Risks pane on the Saner Risk Prioritized dashboard shows only ten risks at a time. However, you can expand the Prioritized Risks pane and see fifty risks at a time on the screen.

Click the button to expand the Prioritized Risks pane. In the expanded view, the Prioritized Risks pane can display a maximum of 500 risks. You can use the drop-down box on the top right to specify the number of records to be displayed.

You can search for risks by specifying the CVE id or with the asset name. Enter the CVE ID or the asset name in the text box right next to the  icon. Similarly, you can download the risks presented on the Prioritized Risks pane in a Comma Separated Value (CSV) or CycloneDX format. Click the download button . You get a prompt to choose between CSV or CycloneDX file format. Once you confirm the file format, the file gets downloaded onto your computer.

The Prioritized Risks pane provides the following details about each risk listed in the pane.

  1. Risk ID — A unique ID assigned to the risk.
  2. Title – A short description of the risk.
  3. Affected Asset – The name of software asset, operating system, configuration setting, etc. affected by the vulnerability.
  4. Affected Devices – Hosts that are vulnerable to the risk.
  5. Priority – Any of the risk prioritisation categories – Act, Attend, Track*, Track
  6. Mission Critical – Mission prevalence factor – Essential, Support, Minimal impact
  7. Exploitation – Categorisation of Exploitation based on SecPod’s ML algorithm – High, Medium, Low
  8. Automatable – Automatable? Yes or No
  9. Technical Impact – Categories how the risk impacts the system due to authentication disclosure or obtaining control of the component – Partial or Total
  10. Fix – Remediation through Patch Management feature
  11. Know More – Dig deep to understand the Risk Prioritization analysis.

The Know More field displays two crucial pieces of information :

  1. Decision Tree
  2. More Details about the risk

Decision Tree

Clicking the Decision Tree will display the factors affecting the decision for Saner Risk Prioritization tool to classify the vulnerability (CVE/CCE) into one of the categories, namely: Act, Attend, Track*, and Track.

Know More

The Know More pane gives you information about the affected asset, the number of affected devices, the type of risk, and the category of risk it falls into. Similarly, you get information about the number of Mission Critical affected devices by the risk, information about the technical impact, automatable, and the exploitation details of the risk.

Remediate risks displayed in the Prioritized Risks pane

You can remediate both vulnerabilities and misconfigurations listed in the Prioritized Risks pane.

Follow the below steps to remediate a vulnerability from the Prioritized Risks pane.

1: Select the CVE ID from the list you want to remediate. The Remediate button on the top right gets enabled.

2: Click the Remediate button, which takes you to the Saner PM tool to create a Patching Task for the vulnerability.

3: You can specify the type of remediation schedule you prefer. The following options are available.

  1. Immediate
  2. After scheduled scan
  3. Custom Date

Immediate  – If you specify the remediation schedule as Immediate, the Saner CM tool will create the patching task and apply the patches immediately.

After Scheduled Scan – If you specify the remediation schedule as After Scheduled Scan, the Saner CM tool will create the patching task and apply the patches after the Saner Agent has completed the scheduled scan.

View and Remediate Risks in the Exploitation Category

The Exploitation pane shows the risk distribution based on the exploitation evidence in a pie chart and categorizes them into High, Medium, and Low.

Click the button to expand the Exploitation pane – this will take you to the Exploitation Analysis pane. You can also access the Exploitation Analysis pane by clicking the pie chart.

The Exploitation Analysis pane gives a detailed view of the risks under the Exploitation category. A maximum of 500 risks can be displayed on the Exploitation Analysis pane.

You can use the drop-down box on the top right to specify the number of records to be displayed. Also, you can toggle between Vulnerabilities and Misconfigurations to be displayed on the Exploitation Analysis pane.

Similarly, you can filter the risks according to their category. The category checkboxes placed on the top right of the  Exploitation Analysis pane help you show risks belonging to each category: Act, Attend, Track*, and Track.

You can search for risks by specifying the CVE id or with the asset name. Enter the CVE ID or the asset name in the text box next to the        icon. You can download the CVEs under the Exploitation category by clicking the  icon.

Follow the steps mentioned in the Prioritized Risks pane to remediate risks under the Exploitation pane.

View and Remediate Risks in the Automatable Category

The Automatable pane shows the distribution of vulnerabilities based on their reliability on automation.

No: Cannot be reliably automated.

Yes: Can be reliably automated.

Click the button to expand the Automatable pane – this will take you to the Automatable Analysis pane. You can also access the Automatable Analysis pane by clicking the figure displayed on the Automatable pane.

The Automatable Analysis pane gives a detailed view of the risks under the Automatable category. A maximum of 500 risks can be displayed on the Automatable Analysis pane.

You can use the drop-down box on the top right to specify the number of records to be displayed. Also, you can toggle between Vulnerabilities and Misconfigurations to be displayed on the Automatable Analysis pane.

Similarly, you can filter the risks according to their category. The category checkboxes placed on the top right of the Automatable Analysis pane help you show risks belonging to each category: Act, Attend, Track*, and Track.

You can search for risks by specifying the CVE id or with the asset name. Enter the CVE ID or the asset name in the text box next to the        icon. You can download the CVEs under the Automatable category by clicking the  icon.

Follow the steps mentioned in the Prioritized Risks pane to remediate risks under the Automatable Analysis pane.

View and Remediate Risks in the Technical Impact Category

The Technical Impact pane shows the distribution of vulnerabilities based on the extent of control the adversary gets over the component.

Partial: Limited Control

Total: Full Control

Click the button to expand the Technical Impact pane – this will take you to the Technical Impact Analysis pane. You can also access the Technical Impact Analysis pane by clicking the figure displayed on the Technical Impact pane.

The Technical Impact Analysis pane gives a detailed view of the risks under the Technical Impact category. A maximum of 500 risks can be displayed on the Technical Impact Analysis pane.

You can use the drop-down box on the top right to specify the number of records to be displayed. Also, you can toggle between Vulnerabilities and Misconfigurations to be displayed on the Technical Impact Analysis pane.

Similarly, you can filter the risks according to their category. The category checkboxes placed on the top right of the Technical Impact Analysis pane help you show risks belonging to each category: Act, Attend, Track*, and Track.

You can search for risks by specifying the CVE id or with the asset name. Enter the CVE ID or the asset name in the text box next to the        icon. You can download the CVEs under the Technical Impact category by clicking the  icon.

Follow the steps mentioned in the Prioritized Risks pane to remediate risks under the Technical Impact Analysis pane.

View and Remediate Risks on Essential Devices

The Risks on Essential Devices pane displays the risks based on Mission prevalence present on Essential Devices that need to be acted on immediately. The dynamic pulse chart indicates the status of the Account. The greener the icon, the healthier the Account.

All the risks shown on the Risk on Essential Devices pane fall under the Act category. Clicking the pulse chart will take you to the Prioritized Risks pane. Follow the steps mentioned in the Remediating risks displayed in the Prioritized Risks pane section to remediate risks.

View and Remediate Risks on Mission Prevalence

The Risks on Mission Prevalence pane visually represents the risk count on devices based on Mission Prevalence. You can view the risks on Essential Devices(s), Supported Devices(s), and Minimal Devices(s) and remediate them on click.

The boxes presented in the Risk on Mission Prevalence pane represent the risks based on the following category of devices:

  1. Essential Devices(s)
  2.  Support Devices(s)
  3. Minimal Device(s)

Clicking on these boxes will take you to the Prioritized Risks pane, where you can filter the risks according to Act, Attend, Track*, and Track categories and remediate the risks as well.

Follow the steps mentioned in the Remediating risks displayed in the Prioritized Risks pane section to remediate risks.

View Risks on Essential Devices

This pane visually represents the risks on essential devices – Business-centric, Data-Centric devices, and Internet Facing Devices. The number of risks on each category of devices is presented on the top of the icon, while the number of devices belonging to each category is displayed below the icon

To remediate the risks, you can click the icons, namely Business Centric Devices, Data-Centric Devices, and Internet-Facing Devices. You will be redirected to the Prioritized Risks pane. Follow the steps mentioned in the Remediating risks displayed in the Prioritized Risks pane section to remediate risks.

Configure Alerts and Generate Reports in the Saner Risk Prioritization

Configure Alerts in the Saner Risk Prioritization tool

You can configure the Saner Risk Prioritization tool to send you alerts. You can receive alerts about All Software Assets or Critical Software Assets in the Account.

Follow the below steps to configure alerts in the Saner Risk Prioritization tool.

1:  Click the Alerts icon on the left side of the Saner Risk Prioritization dashboard.

2:  You will be taken to the Alerts Screen. Here, you need to provide the email address to which you want the alerts to be sent.

3:  Once you have entered the email address, select the conditions that must be met for the Alert to be sent to you. You can choose all the conditions by clicking the All checkbox. Or you can select individual conditions by unchecking the All checkbox.

4:  You can specify the Alerts for All software assets or Critical software assets in your Account.

5: Click the Update button to save the configuration for alerts.

Generate Reports in the Sane Risk Prioritization tool

1:  Click the Reports icon on the left side of the Saner Risk Prioritization dashboard.

2:  You will be taken to the Reports Screen.

3: Click the Saved Reports button. Select the Risk Prioritization report. The saved report will load on your screen.

Share This Article :
  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

Saner CVEM Compliance Management User GuideSaner CVEM Patch Management User Guide
Table of Contents
  • Overview
  • Pre-requisites for Saner Risk Prioritization
  • Access Saner Risk Prioritization
    • Launch the Saner Risk Prioritization tool from the Prioritization pane
    • Launch the Saner Risk Prioritization tool from the Saner tools menu button
  • Get Started with Saner Risk Prioritization
  • Saner Risk Prioritization Dashboard
    • View Prioritized Risks in the Account
    • Get a detailed view of the prioritized risks in the Account
    • Decision Tree
    • Know More
  • Remediate risks displayed in the Prioritized Risks pane
  • View and Remediate Risks in the Exploitation Category
  • View and Remediate Risks in the Automatable Category
  • View and Remediate Risks in the Technical Impact Category
  • View and Remediate Risks on Essential Devices
  • View and Remediate Risks on Mission Prevalence
  • View Risks on Essential Devices
  • Configure Alerts and Generate Reports in the Saner Risk Prioritization
    • Configure Alerts in the Saner Risk Prioritization tool
  • Generate Reports in the Sane Risk Prioritization tool
Copyright 2025 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.3.x