Familiarize yourself with Cortex XDR vulnerability concepts.
Vulnerability
A vulnerability is a CVE or other known software security weakness that can occur in a network or system. Vulnerabilities are typically defined by the National Vulnerability Database (NVD) and other established security information sources, such as GitHub Security Advisory or Red Hat Security Advisory.
Note
CVE is an acronym for Common Vulnerabilities and Exposures, which is a list of publicly disclosed security threats. We often use the term "CVE" to refer to a vulnerability that has been assigned a CVE ID. Cortex XDR identifies both CVEs and non-CVE vulnerabilities.
Vulnerability findings
A vulnerability finding is a specific instance of a vulnerability that was discovered in your system through a vulnerability scan. Findings include both actionable and informational context, including information about the asset on which the vulnerability was discovered. Some findings might be critical and should be addressed as soon as possible, while others are less important and won’t require any action at all. Cortex XDR applies vulnerability policies to findings to prioritize them and create issues for the ones that are most critical to remediate.
Vulnerability issues
Cortex XDR creates a vulnerability issue when a specific instance of a vulnerability in your environment matches a vulnerability policy. Each issue has a priority, an assignee, and a progress status associated with it. Issues also provide contextual information about the asset on which the issue is found, exploitability, and other information required for remediation and mitigation.