1 Reply Latest reply on Jul 15, 2013 8:05 AM by t3kn1cs

    grouping vulnerabilities with common fixes

    John M Sopp

      Anyone find a way to easily group vulnerabilities together that have a common fix.

      We are talking post scan-we have a list of all the vulns.

      Use case:

      • List of MVIDs with vuln info and affected systems
      • we want to create a "working list" for support teams where each row in the working list shows all the MVIDs that will be fixed by applying a particular patch

       

      i understand that something like this is already in dev...but cuirous to find out if anyone has had any success with creating an interesting home grown ways to do this?

        • 1. Re: grouping vulnerabilities with common fixes
          t3kn1cs

          We did make a database with only the vulnerabilities that is present on our systems.   We added data fields for each VulnID that give us the Manufacture, Impacted Product, Remediations(Patch, Software removal or Configuration Ajustement),  The Patch number.

           

          The easiest way to get the patch number for Microsoft and Adobe vulnerabilities is the get the patch number from the Title between the "( )"  ex.  "(MS00-000) - Title of the vulnerability "

          We only have to enter the data for newly discovered vulnerability *(that could be easily enter from McAfee when they update the database). 

           

          After all that, it is easy to create a reporting system that give you, the patch missing, the unwanted software and the configuration ajustements for any system.