Vulnerability

The Vulnerability violation is accessible under PoliciesAsset PoliciesVulnerabilities.

The vulnerability page contains a list of assets with CVSS V3 score range policies that is not allowed in the system.

Any policies that are listed in this page will make MetaDefender OT Security trigger alert alerting when the asset is in CVSS V3 range.

Each record in the asset list contains rules about:

  • The asset type/subtype or vendor.
  • CVSS V3 range is not allowed.

Vulnerability policies are added manually by the user.

Note: The blocklist policy can be detected even user didn’t turn on Anomaly Detection.

When the user acknowledge anticipated the alert, the item will display in Exception Anticipated. If the user deletes this item, MD OT Security will detect and trigger an alert related to this blocklist policy again.

1. View policy

The Vulnerability page is paginated, each page contains 20 records, and the total number of policy records is displayed at the bottom of the list.

Policies are displayed in a list; each record contains the following information:

  • Asset: asset type/subtype or vendor.
  • Score range: CVSS V3 score range from - to.

2. Create a new policy

You can create a new policy by tapping on the button “+” on the top right of the Policy screen, a policy creation pop-up will appear

Note: Create duplicate policy is not allowed.

3. Edit policy

You can edit a policy by tapping on the “Edit” button on the right of each policy record, a policy editing pop-up will appear.

In the pop-up editing, you can see the detailed policy. You can edit by clicking on the field to be edited and perform input operations like when creating a policy.

Note: Field IP, MAC, and Source of the rule are non-editable.

When finished editing, click “Save” to save the changes or “Cancel” to discard all.

4. Search policy

The Searching feature for the policy list is located at the top of the policy page.

You can search on one or more fields of the policy, just input value onto one or more fields.

Click the “Clear” button to clear the values in the filters.

5. Remove policy

You can remove a policy from the list by clicking the "Delete" button on each policy record.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Firmware Changes
On This Page
Vulnerability1. View policy2. Create a new policy3. Edit policy4. Search policy5. Remove policy