Has anyone found a way to easily group together vulnerabilities that have a common fix?
We are talking post-scan: we have a list of all the vulns.
I understand that something like this is already in dev, but I'm curious to find out if anyone has had any success creating interesting home-grown ways to do this.
We did make a database with only the vulnerabilities that are present on our systems. We added data fields for each VulnID that give us the Manufacturer, Impacted Product, Remediations (Patch, Software removal or Configuration Adjustment), and the Patch number.
The easiest way to get the patch number for Microsoft and Adobe vulnerabilities is to get the patch number from the Title between the "( )", e.g. "(MS00-000) - Title of the vulnerability".
We only have to enter the data for newly discovered vulnerabilities (that could easily be entered from McAfee when they update the database).
After all that, it is easy to create a reporting system that gives you the missing patches, the unwanted software and the configuration adjustments for any system.
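A sketch of the approach described in the reply above, added here as an example and not code from either poster: it pulls the bulletin number out of the leading "( )" in each title and groups findings per host by the fix that closes them. The regex shape, the `MANUAL_FIXES` table, the function names and all sample rows are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Bulletin number in leading parentheses, as in "(MS00-000) - Title ...".
# Anchored at the start so parentheses later in a title are ignored.
BULLETIN_RE = re.compile(r"^\s*\(([A-Za-z]{2,5}\d{2}-\d{2,3})\)")

# Constructed sample rows (host, VulnID, title); not real scanner output.
FINDINGS = [
    ("host-a", 1001, "(MS00-000) - Title of the vulnerability"),
    ("host-a", 1002, "(MS00-000) - Second issue fixed by the same bulletin"),
    ("host-b", 1001, "(MS00-000) - Title of the vulnerability"),
    ("host-b", 1003, "(MS00-001) - Another bulletin"),
    ("host-b", 1004, "Unwanted software (example) installed"),
]

# Hypothetical hand-maintained table for VulnIDs whose title carries no
# bulletin number: VulnID -> (remediation type, what to do).
MANUAL_FIXES = {1004: ("Software removal", "Remove example software")}


def fix_for(vuln_id, title):
    """Return (remediation type, fix identifier) for one finding."""
    match = BULLETIN_RE.match(title)
    if match:
        return ("Patch", match.group(1).upper())
    # No bulletin in the title: use the manual table, else flag for review.
    return MANUAL_FIXES.get(vuln_id, ("Unclassified", "needs review"))


def group_by_fix(findings):
    """Return {host: {(remediation type, fix): sorted VulnIDs it closes}}."""
    report = defaultdict(lambda: defaultdict(set))
    for host, vuln_id, title in findings:
        report[host][fix_for(vuln_id, title)].add(vuln_id)
    return {host: {fix: sorted(ids) for fix, ids in fixes.items()}
            for host, fixes in report.items()}


if __name__ == "__main__":
    for host, fixes in sorted(group_by_fix(FINDINGS).items()):
        print(host)
        for (kind, fix), ids in sorted(fixes.items()):
            print(f"  {kind}: {fix} closes VulnIDs {ids}")
```

Findings that land in the "Unclassified" bucket are the newly discovered vulnerabilities that still need a manual entry.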