View attack surface tests - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Administrator Guide

Cortex XSIAM
Creation date
Last date published
Administrator Guide

View information about the available attack surface tests, and enable or disable tests on the Vulnerability Testing page. By default all tests are enabled.

  1. Navigate to Policies and RulesAttack Surface Testing.

  2. Filter and sort the list of tests as needed to identify the tests you want to enable or disable.

  3. Select one or more tests using the check boxes, and right click to Enable or Disable them.

Attack surface test field descriptions



Affected Software

Software names and versions impacted by this vulnerability.


Common Weakness Enumeration ID. This ID is defined by MITRE.


When Cortex XSIAM released this test.


Description of the vulnerability.

EPSS Score

The Exploit Prediction Scoring System (EPSS) score indicates the likelihood that a vulnerability will be exploited in the wild. Possible values are between 0 and 100%, and the higher the score, the greater the probability that a vulnerability will be exploited.

First Published

When this vulnerability was first published.


Unique ID for this test.


Name of the test.


Research references and supporting documentation.

Remediation Guidance

Recommended steps for remediating or mitigating the vulnerability.

Severity Score

The CVE severity score is based on the NIST Common Vulnerability Scoring System (CVSS).

Services Found Vulnerable

The number of directly-discovered services owned by your organization that Cortex XSIAM has confirmed vulnerable with this test.


Indicates whether the test is Enabled or Disabled.

Vendor Names

Name of the vendor whose product is impacted by the vulnerability.

Vulnerability IDs

CVE number or other public identifier for the vulnerability.