Manage vulnerabilities as a security team

From the Vulnerability Management summary page, select Entities to review the vulnerability status of all your entities. This view shows all your entities and allows you to scan and prioratize vulnerability remediation based on weighted vulnerabilities scores and severity profiles.

Clicking into an entity opens up a scoped entity view of Vulnerability Management. Learn more about our scoped entity view in our document on managing vulnerabilities as a developer.

From the Vulnerability Management summary page, select Libraries to review the security impact of all libraries in your system. This view shows all the libraries used by your services and their security impact through vulnerability counts and severity.

Clicking into a specific library provides a detailed view of that library including the number of services using the library, the number of services impacted by CVEs, and details about specific CVEs.

From the Vulnerability Management Summary page, select Vulnerabilities to review all the vulnerabilities in your software system. This view shows every vulnerability, their source, number of impacted entities, and when they were first and last seen.

This view is especially useful when responding to a specific vulnerability found in specific versions of libraries. Instead of reviewing each service to see if it's impacted, this view condenses info based on vulnerability instead of entity or library.

Find the vulnerability you need to solve, click it, review its direct impact of services, and take the recommended remediation steps.

Once you've identified the entities impacted by a specific vulnerability, you can assign the remediation of that vulnerability in a specific entity to a user. This helps you organize large scale remediation between multiple teams and ownership structures.