Skip to Content
InsightappsecHIDDEN

New Feature in IAS | Vulnerability Groupings

Below are high-level overview of changes that will impact the user experience with the new vulnerability groupings feature in InsightAppSec.

What’s new?

Vulnerability Groups

Triaging scan results can be one of the most arduous parts of vulnerability management - but it’s also one of the most critical. Teams need to be able to quickly interpret results to identify priorities and determine next steps for safeguarding the attack surface.

That is why we are delighted to introduce two new viewpoints which sit alongside the all vulnerabilities table in the IAS UI. These new views allow you to not only see all of your vulnerabilities, but additionally allow you to view vulnerabilities grouped by both attack type & application and attack type.

With vulnerability grouping you can visualize attacks both within a single application and across your entire application inventory, allowing you to seamlessly assess and respond to potential risks

All vulnerabilities view - Under the All Vulnerabilities view you will be able to see the full details of all of your vulnerabilities to give you full oversight into your attack surface area.

All Vulnerabilities View

Attack type view - You will be able to see vulnerabilities grouped by each of our 100+ attack types which alerts you to any attacks which you may be more susceptible to than others.

Attack Type View

Application and attack type view - You will be able to view attack types with exposures for specific applications, which alerts you to your applications which carry the highest level of threat.

Application and attack type view

The new views will allow you to pre-triage vulnerabilities by type and then hone in on viable attack threats and potential weak points that are pertinent to your business to ensure the continued focus on reducing and protecting your full attack surface via efficient threat remediation.

Group changes to vulnerability severity and status

Under the new grouped views you can now make changes to the severity and status of vulnerabilities in each selected grouping. This means that if you want to change the severity or status of all vulnerabilities or a selection of vulnerabilities in a group you can execute that change in one simple move all from the same viewing panel. This helps you to drive more efficient triaging of your vulnerabilities and simplifies vulnerability remediation by allowing you to concentrate on large areas of threat or identifying threats focused on key functional areas.

Group changes

To change a severity or status at group level follow the steps below:

  1. Ensure you have reviewed all vulnerabilities in the group to get an accurate understanding of all vulnerabilities before changing their status or severity.
  2. In the Attack type or App and attack type view:
    • Expand the group view so you can see all the vulnerabilities in a group.
    • Select all or a combination of vulnerabilities in the group.
    • To change the status, select the bulk action change status field and select a status.
    • To change the severity, select the bulk action change severity field and select a severity.
  3. Best Practice: In the Comments section, add notes about the reason for the status or severity change.

The vulnerability severity or status is updated for all users to see.

Updated status

Grouped addition of vulnerability comments

An additional feature of the new grouped views is the ability to bulk add comments against the vulnerability groups. This key feature enables analysts to manage threats by rapidly adding comments against entire groups of vulnerabilities.

Vulnerability Groupings Comments

While comments can be bulk added, edits to a comment are required to be made at the individual vulnerability level. This control is in place to facilitate out of sync changes with new vulnerabilities being added to a group and to control comment updates at individual vulnerability level.

To add a comment at group level follow the steps below:

  1. Ensure you have reviewed all vulnerabilities in the group to get an accurate understanding of all vulnerabilities adding a group comment.
  2. In the Attack type or App and attack type view:
    • Expand the group view so you can see all the vulnerabilities in a group.
    • Select all or a combination of vulnerabilities in the group.
    • To add a comment, select the bulk action change comment field and add a comment.
    • Note - Changes to bulk comments can only be made at an individual vulnerability level. That is, bulk comment updates are not supported.

The vulnerability comment is updated for all users to see.

Updated Vulnerability Comments