In Malwarebytes Nebula, Vulnerability Assessment shows vulnerabilities for installed software and operating systems on managed endpoints. Vulnerability data is stored and displayed for up to 90 days prior across all endpoints.
To see the latest vulnerabilities identified on your endpoints, run or schedule an Inventory & Vulnerability Scan. For more information, see Configure Vulnerability Assessment in Nebula.
Here are the different methods to view vulnerabilities:
Navigate to the Vulnerabilities tab to view the vulnerabilities of a specific endpoint. To locate the Vulnerabilities tab:
- On the left navigation menu, go to Manage > Endpoints.
- Click an endpoint name to view the endpoint's properties.
- Click Vulnerabilities.
On the left navigation menu, go to Monitor > Vulnerabilities to view vulnerabilities across your environment.
The following information is displayed for each endpoint vulnerability.
|Application||Detected application name with the vulnerability.|
|Description||Description of the vulnerability and how it is used to exploit the application.|
|Endpoint||Host name of the vulnerable endpoint.|
|Identified date||Date the vulnerability was detected on the endpoint.|
|OS platform||Operating system platform of the endpoint.|
|OS type||Type of operating system installed on the endpoint.|
|Vendor||Vendor name of the installed software which is vulnerable.|
If you have Patch Management, vulnerabilities can be patched from this page by updating software. To update software from this page:
- Click on the CVE number to view additional vulnerability details.
- Select all or check specific boxes for endpoints you wish to update software on.
- On the right, click Update Software.
- In the confirmation window, click Update.
On the Endpoints page, add a new column for a quick glance of the severity of CVEs for each endpoint. The following column is available:
- CVEs by severity: Shows the amount of Common Vulnerabilities and Exposures (CVE) by their severity. Hover over the diagram for a breakdown of vulnerabilities by severity.