View information about the available attack surface tests, and enable or disable tests on the Vulnerability Testing page. By default all tests are enabled.
Navigate to → .
Filter and sort the list of tests as needed to identify the tests you want to enable.
Select one or more tests and right click to Enable or Disable them.
Attack surface test field descriptions
Field | Description |
|---|---|
Affected Software | Software names and versions impacted by this vulnerability. |
CWE IDs | Common Weakness Enumeration ID. This ID is defined by MITRE. |
Created | When Cortex Xpanse released this test. |
Description | Description of the vulnerability. |
EPSS Score | The Exploit Prediction Scoring System (EPSS) score indicates the likelihood that a vulnerability will be exploited in the wild. Possible values are between 0 and 100%, and the higher the score, the greater the probability that a vulnerability will be exploited. |
First Published | When this vulnerability was first published. |
ID | Unique ID for this test. |
Name | Name of the test. |
References | Research references and supporting documentation. |
Remediation Guidance | Recommended steps for remediating or mitigating the vulnerability. |
Severity Score | The CVE severity score is based on the NIST Common Vulnerability Scoring System (CVSS). |
Services Found Vulnerable | The number of directly-discovered services owned by your organization that Cortex Xpanse has confirmed vulnerable with this test. |
Status | Indicates whether the test is Enabled or Disabled. |
Vendor Names | Name of the vendor whose product is impacted by the vulnerability. |
Vulnerability IDs | CVE number or other public identifier for the vulnerability. |