Managing Vulnerability Types

Scenarios

A data class is required for a playbook and workflow running for security orchestration and response. The playbook is triggered by data objects. A data object is the specific instance of a data class. Common data classes include alerts, incidents, indicators, and vulnerabilities.

This section describes how to manage vulnerability types.

• Viewing Existing Vulnerability Types: describes how to view existing vulnerability types and their details. For details about built-in vulnerability types, see Built-in Vulnerability Types.
• Adding a Vulnerability Type: describes how to create custom vulnerability types.
• Associating a Vulnerability Type with a Layout: describes how to associate a custom vulnerability type with an existing layout. Associating layouts is not supported by built-in vulnerability types.
• Editing a Vulnerability Type: describes how to edit a custom vulnerability type. Currently, built-in vulnerability types cannot be edited.
• Managing a Vulnerability Type: describes how to enable, disable, and delete a custom vulnerability type. Built-in vulnerability types are enabled by default. You do not need to manually enable them. Currently, built-in vulnerability types cannot be disabled or deleted.

Notes and Constraints

• Associating layouts is not supported by built-in vulnerability types.
• Built-in vulnerability types are enabled by default. They cannot be edited, enabled, disabled, or deleted.
• After a custom vulnerability type is added, its type tag cannot be modified.

Viewing Existing Vulnerability Types

1. Log in to the SecMaster console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 1 Workspace management page
   

4. In the navigation pane, choose Security Orchestration > Objects. On the displayed page, click the Types tab.
   Figure 2 Types tab
   

5. On the Types page, click the Vulnerability Types tab. The Vulnerability Types page is displayed.
6. On the Vulnerability Types tab, view details about existing vulnerability types. For details about the parameters, see Table 1.

   Table 1 Vulnerability type parameters

   Parameter	Description
   Type Name/Type Tag	Name and tag of a vulnerability type.
   Associated Layout	Layout associated with the vulnerability type.
   Startup Status	Startup status of a vulnerability type: Enable: The current type has been enabled. Disable: The current type has been disabled.
   Built-in	Whether a vulnerability type is built in the system.
   Description	Description of a vulnerability type.
   Operation	You can edit and delete a vulnerability type. Built-in vulnerability types are enabled by default. They cannot be edited, enabled, disabled, or deleted.

Adding a Vulnerability Type

1. Log in to the SecMaster console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 3 Workspace management page
   

4. In the navigation pane, choose Security Orchestration > Objects. On the displayed page, click the Types tab.
   Figure 4 Types tab
   

5. On the Types page, click the Vulnerability Types tab. The Vulnerability Types page is displayed.
6. On the Vulnerability Types tab, click Add. On the slide-out panel, set type parameters.

   Table 2 Vulnerability type parameters

   Parameter	Description
   Type Name	Define a name for the vulnerability type to be added. Naming rules: The name must start with an uppercase letter. Only letters, digits, periods (.), hyphens (-), and underscores (_) are allowed. Periods (.), hyphens (-), underscores (_), and uppercase letters cannot appear consecutively. Each uppercase letter must be followed by a lowercase letter. The name must contain 2 to 64 characters.
   Type Tag	Enter the vulnerability type tag. The keyword must comply with the upper camel case naming rules, for example, TypeTag. Naming rules: The value can consist of multiple words separated by spaces. The value must start with an uppercase letter and end with a lowercase letter. The value consists of letters, and uppercase letters cannot appear consecutively. The value must contain 2 to 64 characters.
   Startup Status	Set the startup status of the vulnerability type.
   Description	Provide a description of the custom vulnerability type.

   

   After a custom vulnerability type is added, its type tag cannot be modified.

7. In the lower right corner of the page, click OK.

   After a new type is added, you can check it in the table on the Vulnerability Types tab.

Associating a Vulnerability Type with a Layout

Associating layouts is not supported by built-in vulnerability types.

1. Log in to the SecMaster console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 5 Workspace management page
   

4. In the navigation pane, choose Security Orchestration > Objects. On the displayed page, click the Types tab.
   Figure 6 Types tab
   

5. On the Types page, click the Vulnerability Types tab. The Vulnerability Types page is displayed.
6. On the Vulnerability Types tab, select the vulnerability type to be associated with a layout and click Associate Layout in the Operation column of the target type.
7. In the Associate Layout dialog box, select the target layout and click OK.
8. After the configuration is complete, go to the Vulnerability Types tab, click the type name, and check the associated layout of the type.

Editing a Vulnerability Type

• Currently, built-in vulnerability types cannot be edited.
• After a custom vulnerability type is added, its type tag cannot be modified.

1. Log in to the SecMaster console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 7 Workspace management page
   

4. In the navigation pane, choose Security Orchestration > Objects. On the displayed page, click the Types tab.
   Figure 8 Types tab
   

5. On the Types page, click the Vulnerability Types tab. The Vulnerability Types page is displayed.
6. On the Vulnerability Types tab, select the type to be edited and click Edit in the Operation column of the target type.
7. On the displayed page, edit the parameter information of the corresponding type.

   Table 3 Vulnerability type parameters

   Parameter	Description
   Type Name	Name of the custom vulnerability type. Naming rules: The name must start with an uppercase letter. Only letters, digits, periods (.), hyphens (-), and underscores (_) are allowed. Periods (.), hyphens (-), underscores (_), and uppercase letters cannot appear consecutively. Each uppercase letter must be followed by a lowercase letter. The name must contain 2 to 64 characters.
   Type Tag	Vulnerability type tag, which cannot be modified.
   Startup Status	Startup status of the vulnerability type.
   Description	Description of the custom vulnerability type.

8. In the lower right corner of the page, click OK.
9. After the modification is complete, click the name of the vulnerability type on the Vulnerability Types tab and view the details.

Managing a Vulnerability Type

1. Log in to the SecMaster console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 9 Workspace management page
   

4. In the navigation pane, choose Security Orchestration > Objects. On the displayed page, click the Types tab.
   Figure 10 Types tab
   

5. On the Types page, click the Vulnerability Types tab. The Vulnerability Types page is displayed.
6. On the Vulnerability Types tab, manage vulnerability types.
   

   • Built-in vulnerability types are enabled by default. You do not need to manually enable them.
   • Currently, built-in vulnerability types cannot be disabled or deleted.

   Table 4 Managing a vulnerability type

   Operation	Description
   Enable	On the Vulnerability Types tab, select the type to be enabled and click Enable. Alternatively, locate the row containing the vulnerability type to be enabled, and click Disable in the Startup Status column. In the displayed dialog box, click OK. If the system displays a message indicating that the operation is successful and the startup status of the target type changes to Enable, the target type is enabled successfully.
   Disable	On the Vulnerability Types tab, select the type to be disabled and click Disable. Alternatively, locate the row containing the vulnerability type to be disabled, and click Enable in the Startup Status column. In the displayed dialog box, click OK. If the system displays a message indicating that the operation is successful and the Startup Status of the target type changes to Disable, the target type is disabled successfully.
   Delete	On the Vulnerability Types tab, select the vulnerability type to be deleted and click Delete in the Operation column. Scenario 1: MFA Has Been Configured in IAM In the confirmation dialog box displayed, confirm the information, enter the credential authentication information, and click OK. The verification method can be a mobile number, an email address, or a virtual MFA. For more information about MFA, see MFA Overview. Scenario 2: MFA Is Not Enabled in IAM In the confirmation dialog box displayed, confirm the information, click Auto Enter to auto-fill DELETE in the text box below, and click OK.