Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Platform Function Guides
    • Saner Device Management User Guide
  • FAQs
    • Saner CVEM Technical FAQs
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to create a new user in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in SanerNow?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall SanerNow Agent using SanerNow Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy SanerNow Agent using SanerNow Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in SanerNow?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Saner Cloud Deployment Guides
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Onboarding with AWS Credentials(Least Recommended Method)
      • Onboarding with AWS Role(Manual)
      • Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
  • Learn About
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Saner Plasma AI Assistant for Seamless User Interaction
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • User Guides
    • Cloud Security Remediation Management(CSRM) User Guide
    • Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Tell Me How
    • Protected: How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Troubleshoot or Analyze with Critical Activity Logs?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Patch Remediation from CIEM Dashboard?
    • CSRM
      • Protected: How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
  • Frequently Asked Questions
    • Saner Cloud Technical FAQs
  • Saner Cloud Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Security Intelligence for Saner Cloud
    • Infrastructure Entitlement Checks in AWS and Azure
      • Implementing Infrastructure Entitlement Checks in Azure
      • Implementing Infrastructure Entitlement Checks in AWS
    • Posture Anomaly Checks in AWS and Azure
      • Implementing Posture Anomaly Checks in AWS
      • Implementing Posture Anomaly Checks in Azure
    • Benchmark Compliance Rules in AWS and Azure
      • Implementing Benchmark Compliance Rules in Azure
      • Implementing PCI DSS 3 2 1 Regional in AWS
      • Implementing CIS 3 0 0 in AWS
      • Implementing HIPAA HITRUST Rules
      • Implementing PCI DSS 3 2 1 Global Rules in AWS
      • Implementing NIST 800 53 rev 5 Global Rules in AWS
      • Implementing SecPod Global Rules in AWS
      • Implementing CIS 3 0 0 Regional in AWS
      • Implementing CIS 4 0 0 Regional
      • Implementing SOC 2 in AWS
      • Implementing CIS 4 0 0 in AWS
      • Implementing NIST 800 53 rev 5 Rules in AWS
      • Implementing SecPod Regional Rules in AWS
      • Implementing SecPod Default Rules in AWS
      • Implementing NIST 800 53 rev 5 Regional in AWS
      • Implementing PCI DSS 3 2 1 in AWS
      • Implementing CIS 4 0 0 Global in AWS
      • Implementing CIS 3 0 0 Global Rules in AWS
      • Implementing SOC 2 Global Rules in AWS
      • Implementing SOC 2 Regional Rules in AWS

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner CVEM Guide
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to align with NIST 800-53 security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with PCI security compliance management?
      • How to custom create a security policy?
      • How to run a compliance scan?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to specify Service Level Agreement (SLA) using Remediation SLA in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to investigate DNS cache on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to collect all software licenses in Windows systems?
      • How to collect environment variables set in all operating systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect all software licenses in Mac systems?
      • How to collect DNS information on Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to delete and quarantine a file?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Windows systems?
      • How to perform system tuning?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to check wireless security in Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to collect all the important missing patches in Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check password policy set in Windows systems?
      • How to collect all security events from Windows Events Log?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence

  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • OVAL Definitions Family-wise Distribution
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Platform Coverage
View Categories
  • Home
  • Docs
  • Saner CVEM
  • Saner CVEM Products
  • Saner CVEM Vulnerability Management User Guide

Saner CVEM Vulnerability Management User Guide

Print Friendly, PDF & Email

Saner VM provides a vulnerability management tool with impeccable vulnerability scans and instant remediation. Vulnerability management doesn’t stop with scanning and detection; it comes with integrated patch management to remediate vulnerabilities instantly. Saner vulnerability management works as follows:

  • Scan and Identify: It runs continuous scans and identifies vulnerabilities.
  • Assess and Prioritize: Assess vulnerabilities and prioritize based on severity range.
  • Remediate and Report: Remediate through patch management and report required actions.

Monitor + Assess + Prioritize + Remediate = Vulnerability Management

Saner VM simplifies the vulnerability management cycle to a daily routine, simplifies remediation and reporting, and reduces the total cost of operation (TCO). The Saner VM solution helps identify, classify, remediate, and mitigate vulnerabilities in an organization. In the following sections, we will see how to accomplish Vulnerability Management with the Saner VM.

  1. Log in to the Saner account with credentials.
  2. Suppose an account already exists and the Saner Agent has been deployed on the endpoints; the organization level dashboard is displayed.
  1. To select an account, click All Organizations on the top left corner of the dashboard. All Organization section lists all the organizations. You can see the list of organizations as Org1, Org2, and Org3, as shown below; select the account, and a dashboard with the summary view of the account is displayed.
  • 4.        Click the Saner tools icon on the header. It will display all the provision tools, as shown below.
  • Click on the Vulnerability Management icon. The Vulnerability Dashboard is displayed, which provides vulnerability details categorized by severity or type, age, affected hosts, vulnerable devices, and vulnerabilities.

Saner platform hosts the world’s largest vulnerability database with around 100,000+ security checks. The latest vulnerability checks are constantly fed to the SCAP repository. Saner VM thoroughly analyses these vulnerabilities and prioritizes them based on their severity. Easily manage and control all vulnerability management tasks from an all-in-one centralized console. Gain insights on various vulnerability management attribute from the centralized dashboard. View the exploit potential of the detected vulnerabilities evaluated based on the CVSS score.

Vulnerability Statistics

It is important to prioritize the vulnerabilities based on the severity levels and plan the remediation. SecPod uses the Common Vulnerability Scoring System (CVSS), which determines the severity of the vulnerability based on principal characteristics. The Vulnerability Statistics pane shows the total number of vulnerabilities in the network and classifies the severity of the vulnerabilities as low, medium, high, and critical. 

Click on the More Info link, which shows a dialog box to filter the vulnerability statistics by all devices, unassigned devices, groups, or a specific group of devices. The affected device or hostname, the IP address, the total number of vulnerabilities for that host, and the severity grouping is displayed in the dialog.

Exploitability

Remediation can be prioritized if there is visibility into the vulnerability category. You can download the excel sheet by clicking on the CSV icon. The file contains information about the vulnerabilities based on the exploitability.

This page categorizes the vulnerabilities on the network by:

  • Easily Exploitable: Vulnerabilities are known in the public domain, making an exploit easily possible.
  • Network Exploitable: Vulnerabilities can be exploited with remote network access. The attacker’s path is through the network layer.
  • Public Exploit Available: Vulnerabilities for which publicly available exploits have occurred in the past.
  • High Lateral Movement: Vulnerabilities extend to the network as the threat moves from device to device and asset to asset, and attackers collect valuable data.

High Fidelity Attacks

High fidelity attacks pane groups, the vulnerabilities by the exploit kits that can be used to exploit the weakness. This pane shows the high-fidelity attacks which defect the array of attacks vulnerability leads to. In this way, Saner VM predicts having the vulnerability in an organization. On clicking on the highlighted attack name, you will get a description model of the attack. You can download the excel sheet with detailed information by clicking on the CSV icon.

A new section has been introduced for high-fidelity attacks. You can view the individual vulnerabilities associated with high-profile attacks in the All Vulnerabilities dashboard. You can act on these critical vulnerabilities by remediating or excluding them through the Quick Action section. Similarly, we’ve enhanced SecPod’s proprietary vulnerability intelligence library is enhanced to include additional malware and threat intelligence information and MITRE ATTA&CK information.

Click the exploit name in the pane to fetch the details from SecPod’s vulnerability intelligence library.

Vulnerable Devices

This pane lists vulnerable devices with detailed information on risk count based on severity distribution. This pane displays all the devices in the network along with the hostname, operating system, group, count, severity distribution, assets count, last scanned information, and device status.  Filter options are provided to narrow the search based on the groups, operating system, family, and status. The Others option in the Family filter will list the network devices. You can download the excel sheet with vulnerable device information by clicking on the CSV icon.

Vulnerabilities

This page lists the vulnerabilities with detailed information. You can see the CVE ID of the vulnerabilities, vulnerable title, detected time, and how many hosts it affected. Filters are provided to filter the vulnerabilities based on group, family, and severity. You can download the excel sheet with vulnerabilities information by clicking on the CSV icon.

You will get fixed information by moving a cursor on the (i) icon. To get more details about the vulnerabilities, click on the CVE id, which redirects to the SCAP repository page. This page will display complete information about the vulnerability and CVSS score. The severity level is calculated based on the CVSS score. In addition, the Quick action allows to exclude and remediate the selected vulnerabilities. You can search for multiple CVE by specifying the CVE ids in the search box.

Vulnerability by OS

This page shows the list of vulnerabilities categorized by the operating system with the help of a pie chart. You can download the excel sheet with the list of vulnerabilities based on the operating system by clicking on the CSV icon.

Vulnerability by Group

This page shows the list of vulnerabilities, categorized by the groups with the help of a graph. You can download the excel sheet with a list of vulnerabilities based on the group by clicking on the CSV icon.

Vulnerability Aging

This pane shows vulnerabilities grouped by aging. The number of days since they were detected has not been fixed. The pane shows the age of each vulnerability in an account after its detection. You can download the excel sheet with a list of vulnerabilities based on age by clicking on the CSV icon.

Top Vulnerable Assets

This pane shows the top vulnerable assets by their CVE ID and the number of devices at risk. You can download the excel sheet with the asset information by clicking on the CSV icon. The search option is provided to search the asset with the asset name. In addition, Quick Action section allows to exclude and remediate the vulnerabilities of the corresponding assets.

Top Remediation Recommendation

This page lists the top remediation recommended based on the CRE.  It will list remediations that can address a maximum number of deviations. You can download the CSV file by clicking on the CSV icon.

All Vulnerabilities Dashboard

Saner VM introduces a new dashboard where you can view all the vulnerabilities with CVE IDs, severity, the number of assets affected, detected dates, and fix information. You are also provided with a search bar where you can search for exploit-specific keywords. You can act on these vulnerabilities by excluding them or by remediating them through the Quick Action section.

Exclude Vulnerabilities

Saner VM tool will detect and identify all the vulnerabilities that exist in an account. You can see all the detected vulnerabilities displayed on the All Vulnerabilities page. However, there might be scenarios in which you want VM tool to exclude vulnerabilities from certain devices or groups.

VM tool allows you to exclude vulnerabilities. And you can do this namely at – Account, Group(s), and Device(s) level.

Follow the below mentioned steps on how to exclude vulnerabilities at Account, Group(s), and Device(s) levels.

Step 1: On the VM Dashboard, click on All Vulnerabilities which is located at the top right hand side of the page.

Step 2: You will be directed to the All Vulnerabilities page. Here, you can view all the vulnerabilities found by VM tool.

Step 3: Click on the checkboxes displayed towards the right side of the vulnerabilities that you want to exclude. And then click on the Quick Action button.

Step 4: You will see two options when you click on the Quick Action button – 1. Exclude and 2. Remediate.

Step 5: Click on Exclude option. You will now be presented with a new pop-up screen.

Step 6: You need to fill in information in all the textboxes marked with an asterisk (*). Fill in the required info in the below text boxes.

  • Policy Name – Provide a name for the policy you are creating.
  • Reason – You need to select the reason you want to exclude the vulnerabilities. Select one of the reasons presented by the drop-down box. The following reasons are available for you to choose.
    • False Positive
    • Not Applicable
    • Risk Accepted
  • For Days – Enter the number of days you want VM tool to exclude the vulnerabilities.
  • (You can exclude the vulnerability for minimum 1 day and a maximum for 999 days.)
  • CVEs – Here, you will see all the vulnerabilities you selected to be excluded. At the same time, you can manually add vulnerabilities to be excluded using the Add button.
  • Scope – You need to select the scope. You can choose between Account, Group, and Device.
  • Account – When you select Account, the selected vulnerabilities will be excluded from all the devices that are part of the account till the date specified by you.
  • Group – When you select Group, the selected vulnerabilities will be excluded for all the devices that belong to the selected Group(s) till the date specified by you. (You can select multiple groups)
  • Device – You can select one or more devices belonging to various groups to exclude the selected vulnerabilities till the time specified by you. You can select multiple devices belonging to various groups to exclude selected vulnerabilities from them.

Step 7: Once you have selected the Scope, click on Exclude Selected Items button. VM tool will exclude the selected vulnerabilities from applicable devices.

How to Exclude Assets in VM tool

Step 1: On the VM Dashboard, you can find the Top Vulnerable Assets section located at the bottom left corner of the page. All the top vulnerable assets found in the account are listed here.

Step 2: You will find the Exclude option when you click on the Quick Action button.

Step 3: You will see two options when you click on the Quick Action button – 1. Exclude and 2. Remediate. Click on Exclude. You will be presented with a new pop-up window.

Step 4: You need to fill in information in all the textboxes marked with an asterisk (*). Fill in the required info in the below text boxes.

  • Policy Name – Provide a name for the policy you are creating.
  • Reason – You need to select the reason you want to exclude the vulnerabilities. Select one of the reasons presented by the drop-down box. The following reasons are available for you to choose.
    • False Positive
    • Not Applicable
    • Risk Accepted
  • For Days – Enter the number of days you want VM tool to exclude the vulnerabilities.(You can exclude the vulnerability for minimum 1 day and a maximum for 999 days.)
  • Assets – Here, you will see all the assets you selected to be excluded. At the same time, you can manually add Assets to be excluded using the Add button.
  • You need to select the scope. You can choose between Account, Group, and Device.
  • Account – When you select Account, the selected vulnerabilities will be excluded from all the devices that are part of the account till the date specified by you.
  • Group – When you select Group, the selected vulnerabilities will be excluded for all the devices that belong to the selected Group(s) till the date specified by you. (You can select multiple groups).
  • Device – You can select one or more devices belonging to various groups to exclude the selected vulnerabilities till the time specified by you. You can select multiple devices belonging to various groups to exclude selected vulnerabilities from them.

Step 7: Once you have selected the Scope, click on Exclude Selected Items button. VM tool will create the Exclude policy and exclude the selected assets and all the vulnerabilities belonging to the asset from applicable devices.

Note: In VM tool, you can exclude vulnerabilities in various ways. For instance, you can exclude a vulnerability directly from the vulnerabilities table on the VM Dashboard. However, you must follow the steps mentioned above, irrespective of what page or section you use to exclude a vulnerability.

How to Enable/Disable, Edit and Delete an existing Exclude Policy in VM tool

Step 1: On the VM Dashboard, click on Manage Detection located at the top right corner of the page.

Step 2: You will be presented with a new screen. You can see all the Exclude Policy that exist in the account.

The last column on this page – Action presents you with three buttons namely – a toggle button -Enable /Disable, Edit, and Delete buttons that can be used to control Exclude policies.

ButtonUsage
Using this button, you can enable the Exclude policy
Using this button, you can disable the Exclude policy.
Using this button, you can edit the Exclude policy.
Using this button, you can delete the Exclude policy.

Remediating Vulnerabilities from Vulnerability Management Dashboard

You can remediate vulnerabilities in three possible ways:

  • Remediate from All Vulnerability dashboard
  • In All Vulnerabilities, select the vulnerabilities from the check box to remediate.
  • Click on Quick Action and select Remediate.
  • Approve the patches for remediation.
  • You will be redirected to the Patch Management module.
  • Click on Apply Selected Patches and Create a patching task for remediation.
  • Remediate from the Vulnerabilities panel in the vulnerability management dashboard
  • Select the vulnerabilities you want to remediate. Go to quick action and select Remediate and click on approve. You will be redirected to the patch management dashboard.
  • Click on Apply Selected Patches and create a patching task.
  • Remediate from Top Vulnerable Assets
  • Select the assets and click on quick action. The vulnerabilities associated with assets can be remediated.
  • Repeat the same procedure as explained above to remediate the vulnerabilities the corresponding assets.

Setting Alerts for Vulnerabilities

The Alerts section sends a notification alert to the specified email on the detection of new vulnerabilities after a scheduled scan. This setting must be set before the first scheduled scan. The notification for vulnerabilities is based on their criticality.

To set alerts for vulnerabilities:

  • Select the Alerts option on the left pane.
  • Turn on Subscription Status to enable vulnerability alerts.
  • Specify an email address to which the alerts will be sent and the category of vulnerability on which notifications will be based. You can also specify a custom condition based on CVEs.
  • Click on the Update button.

Vulnerability Reports

Saner VM provides an extensive range of reports to understand the vulnerability process. Go to the Reports option on the visibility dashboard to check the reports. You will get two types of reports: Canned reports and customizable reports. Users can access the available vulnerability reports from the Canned reports section.

The user can customize the report by clicking on the Create New Report option. Select a vulnerability report builder APIs and drag them to the Custom Report page to build a new report. Once the report is created, save, and configure a backup for that report.

To Generate the Endpoint Management Report

  • Click Reports > Saved Reports > Vulnerability Report.

To export the report to a PDF.

  • Click on the download icon beside the vulnerability report to download the PDF report.

To export the report and send it via email

  • Click on the Mail icon in the saved report section to email the report.
  • Specify the email addresses.

To Backup Vulnerability Reports

The backup settings under Reports allow IT, administrators, to obtain a report backup. The report backup can be scheduled daily or weekly to run automatically.

To configure backup settings for reports:

  • Click the Reports option on the left pane.
  • Click the Saved Reports > Canned Reports > Vulnerability Report.
  • Select the Settings icon beside the Vulnerability Report.
  • Report Settings (Vulnerability Report) pop up will be displayed.
  • Click the Omit filter statement in the exported report check box, and you can set the on/off button to back up the report or not.
  • If the backup is on, select the weekly or daily option.
  • Set a number in the Keep only the latest entry box. The report for the specified number of days is archived. If the number is three and the backup option is daily, then the reports from the last three days are maintained. Older files are deleted. You can maintain backups for a maximum of 30 days.
  • Specify Email ID address. You can enter more than one email address comma separated.
  • Select the organization and accounts you want to apply these settings.
  • Click on the Save button.

About SecPod, Inc.

SecPod is a leading provider of endpoint security and management solutions. SecPod (Security Podium, incarnated as SecPod) has created a revolutionary Saner platform and tools used by MSPs and enterprises worldwide. SecPod also licenses security technology to top security vendors through its SCAP Content Professional Feed.

303 Twin Dolphin Drive,6th Floor, Redwood City,California 94065, USA.

To learn more about SecPod, visit:

www.SecPod.com

Contact

Sales:[email protected]
Support:[email protected]
Phone:(+1) 918 625 3023 (US)
Share This Article :
  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

Posture Anomaly Computation RulesSaner CVEM Compliance Management User Guide
Table of Contents
  • Vulnerability Statistics
  • Exploitability
  • High Fidelity Attacks
  • Vulnerable Devices
  • Vulnerabilities
  • Vulnerability by OS
  • Vulnerability by Group
  • Vulnerability Aging
  • Top Vulnerable Assets
  • Top Remediation Recommendation
  • All Vulnerabilities Dashboard
    • Exclude Vulnerabilities
  • How to Exclude Assets in VM tool
  • How to Enable/Disable, Edit and Delete an existing Exclude Policy in VM tool
    • Remediating Vulnerabilities from Vulnerability Management Dashboard
  • Setting Alerts for Vulnerabilities
  • Vulnerability Reports
Copyright 2025 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.3.x