FortiSIEM The IPS Vulnerability Map

The IPS Vulnerability Map

The IPS Vulnerability Map lists devices that have a known vulnerability. You can view the IPS Vulnerability Map by going to Incidents > IPS Vunerability Map, and you can also add new devices to the map.

The IPS Vulnerability Map includes these columns.

Column Description
IPS Event Types The event types associated with the vulnerability
Vendor Vulnerability ID The vulnerability ID provided by the device vendor
CVE IDs The vulnerability ID provided by Common Vulnerabilities and Exposures
Vulnerability Description A brief description of the device’s vulnerability
Found in Device Type Specific devices or applications that have the vulnerability
Found in Version The version of the device or application that has the vulnerability
Fixed in Version The version in which the vulnerability was fixed
Fixed via Patches The patch version in which the vulnerability was fixed

 

Adding Entries to the IPS Vulnerabilities Map

 

Adding Entries to the IPS Vulnerabilities Map

  1. Go to Incidents > IPS Vulnerability Map.
  2. Click Add.
  3. Select the IPS Event Type associated with the vulnerability.
  4. Enter any Vendor Vulnerability ID
  5. Enter any CVE ID

See the Common Vulnerability and Exposures website for CVE IDs. Separate multiple IDs with commas.

  1. Enter a Vulnerability Description.
  2. For Affected Software, click Add, and then select the affected devices or applications from the Found in Device Type
  3. Enter any Found in Version information for the affected software.
  4. Enter any fix information for the vulnerability.
  5. Click OK.
  6. Click Save.
This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.