VulnDB integration – Software Vulnerability Management
We’re very excited to introduce the Software Vulnerability Management [optional paid add-on] to Device42 with the release of v15.17.00. Device42 has partnered with Risk-Based Security (RBS) to integrate VulnDB, a premier software vulnerability database maintained by a dedicated team of research professionals, featuring some of the most comprehensive vulnerability & CVE coverage available – including over 178,000 vulnerabilities that cover more than 18,000 vendors, and over 67,000 vulnerabilities above and beyond those found in the NVD/CVE database.
In combination with Device42’s industry leading discovery and IT asset management capabilities, users will now enjoy automated software vulnerability detection including detailed vulnerability information with solution information for accelerated remediation.
Software Vulnerability Management with VulnDB adds these powerful new capabilities to Device42:
|View vulnerabilities for discovered software assetsIdentify all devices that contain software affected by a certain vulnerability||Leverage built-in VulnDB product ratings to identify risky software and to inform purchase decisionsRemediation solutions and detailed information available for each discovered vulnerability — simply click the vulnerability ID for more info!|
Simply head to the Software Components screen to review vulnerabilities. Get there from the Device42 main menu, Apps → Software → Software Components. Device42’s comprehensive auto-discovery constantly scans for changes to IT infrastructure, which are then referenced against the VulnDB database to quickly locate potential issues. Download Device42 + VulnDB [free for 30 days!] and scan your IT infrastructure for vulnerabilities today!
Enhanced discovery information now available via DOQL
This release also adds discovery job information to DOQL. A new view has been added for each discovery type available in Device42, and both job names and scores are now available for use in queries and reporting.
Additionally, the DOQL view view_remotecollector_v1 has been added to allow customers to view details specific to each remote collector, including the RC name, discovery job information, scheduled jobs, and more.