Top Exposure Threats informs an analyst about current assets with the Most Critical Exposures and how many have been affected.
Understanding the Graph
When you hover the mouse over a circle in the graph, you will see the Exposure name (e.g., a vulnerability or "CVE") followed by the number of inventory assets impacted by the exposure.
In the example below, hovering or clicking on a green circle shows CVE-2017-16012: 4. This can be interpreted as:
CVE-2020-11022 - The vulnerability/exposure name.
4 - The total number of assets in the different inventories impacted by the exposure.
NOTE: The circles in darker colors represent the highest number of assets impacted by a particular exposure CVE. These will be listed under Most Critical Exposures: Assets Affected.
Viewing Assets Affected
To view Assets Affected, follow these steps:
1. Click on one of the circles to view more details about which inventory assets have been impacted.
2. When you click on a circle, a filter is automatically applied and the table below will change.
3. To view the inventory assets, click on an item under Asset Name.
4. The Issue Detail page will load. Here you will see under Code Quality more information about the exposure and the Risks and Recommendations for mitigation. Now, click on Validate Inventory.
5. The Validate Inventory page will load and contain the individual assets impacted by the exposure. In this example, there are 10 Software assets that have been affected by the exposure. Make sure you scroll down the page to not miss any assets.