You can create custom Discoveries based on pre-defined vulnerability templates.
|
NOTE: All of the available vulnerability templates are used in pre-defined Discoveries. You can refer to the Pre-defined Discoveries and Vulnerabilities section for guidance when creating a new Discovery. |
To create a Discovery:
-
From the Discoveries list, click Create.
-
Enter a Discovery Type.
-
Click Select Vulnerabilities to display a list of available vulnerability templates.
-
Select each vulnerability template you want to add to the Discovery, then click Select.
-
For each vulnerability added to the Discovery:
-
Enter a Vulnerability Name.
-
For Risk, enter the reason why the vulnerability is considered a risk. For Remediation, enter the recommendation for resolving the vulnerability.
TIP: You can refer to Pre-Defined Discoveries and Vulnerabilities for examples of Risk and Remediation text.
-
-
If the vulnerability includes a Scope, specify the objects that you want the Assessment to evaluate. Use the information in the following table for guidance.
NOTES:
-
If the Tier Zero objects checkbox is selected, all applicable Tier Zero objects, both those collected from the Tier Zero provider (Security Guardian or BloodHound Enterprise) and any that were manually-created, will be included in/excluded from the scope (depending on which option you select).
-
If a vulnerability pertains to a specific object or set of objects, the Scope section will be hidden. For example, if the vulnerability pertains to users, only Tier Zero users will be included. If the vulnerability pertains to a specific AD group, such as Built-In administrators, only that group will be included.
Scope selection Description All {objects} All objects in Active Directory that are the applicable object type, including both Tier Zero and non-Tier Zero objects. Select {objects} Only the AD objects you specify based on your selection criteria (Display Name, Principal Name, or SID) will be included. When finished, click Add Object to add the object (s) to the Selected {Object}s list. If you want to exclude individual objects within your selection (for example, you selected an AD group but want to exclude individual members from the scope), click Add Exceptions and enter the object(s) as you would if you were adding objects. All Except Selected {objects} Only the AD objects you specify based on your selection criteria (Display Name, Principal Name, or SID) will be excluded from the scope. You can add multiple AD objects, separated by semicolons. When finished, click Add Object to add the object (s)to the Selected {Object}s list. -
-
Click Save.