Managing Vulnerability Types

Scenario

This section describes how to manage vulnerability types. The detailed operations are as follows:

• Viewing Existing Vulnerability Types: Describes how to view existing vulnerability types and their details.
• Adding a Vulnerability Type: describes how to create custom vulnerability types.
• Associating a Vulnerability Type with a Layout: describes how to associate a custom vulnerability type with an existing layout.
• Editing a Vulnerability Type: describes how to edit a custom vulnerability type.
• Managing a Vulnerability Type: describes how to enable, disable, and delete a custom vulnerability type.

Limitations and Constraints

• Currently, the built-in vulnerability types of the system do not support customized layouts.
• Built-in vulnerability types are enabled by default and cannot be edited, enabled, disabled, or deleted.
• After a user-defined vulnerability type is added, the type ID cannot be modified.

Viewing Existing Vulnerability Types

1. Log in to the management console.
2. Click in the upper part of the page and choose Security > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 1 Workspace management page
   

4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
   Figure 2 Type Management page
   

5. On the Type Management page, click the Vulnerability Type tab.
6. On the Vulnerability Type tab page, view details about existing vulnerability types. For details about the parameters, see Table 1.

   Table 1 Vulnerability type parameters

   Parameter	Description
   Type Name/Type Tag	Name and tag of a vulnerability type
   Associated Layout	Layout associated with the vulnerability type.
   Startup Status	Indicates the enabling status of a vulnerability type: Enabled: The current type has been enabled. Disabled: The current type has been disabled.
   Built-in	Indicates whether the vulnerability is a built-in vulnerability type.
   Description	Description of a vulnerability type
   Operation	You can edit and delete vulnerability types.

Adding a Vulnerability Type

1. Log in to the management console.
2. Click in the upper part of the page and choose Security > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 3 Workspace management page
   

4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
   Figure 4 Type Management page
   

5. On the Type Management page, click the Vulnerability Type tab.
6. On the Vulnerability Type page, click Add. On the Add Vulnerability Type slide-out panel, set type parameters.

   Table 2 Vulnerability type parameters

   Parameter	Description
   Type Name	Name of the vulnerability type to be added.
   Type Tag	Enter the vulnerability type ID. The keyword must comply with the upper camel case naming rules, for example, TypeTag.
   Startup Status	Indicates the enabling status of the vulnerability type:
   Description	Description of a user-defined vulnerability

   NOTE:

   After a user-defined vulnerability type is added, the Type ID cannot be modified.

7. In the lower right corner of the page, click Confirm.

   After the threat intelligence type is added, you can view the new type in the table on the Vulnerability Type page.

Associating a Vulnerability Type with a Layout

NOTE:

Currently, built-in vulnerability types do not support customized layouts.

1. Log in to the management console.
2. Click in the upper part of the page and choose Security > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 5 Workspace management page
   

4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
   Figure 6 Type Management page
   

5. On the Type Management page, click the Vulnerability Type tab.
6. On the Vulnerability Type page, select the vulnerability type to be associated with a layout and click Associated Layout in the Operation column of the target type.
7. In the Associate Layout dialog box, select the target layout and click OK.

Editing a Vulnerability Type

NOTE:

• Currently, the built-in vulnerability types cannot be edited.
• After a user-defined vulnerability type is added, the type ID cannot be modified.

1. Log in to the management console.
2. Click in the upper part of the page and choose Security > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 7 Workspace management page
   

4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
   Figure 8 Type Management page
   

5. On the Type Management page, click the Vulnerability Type tab.
6. On the Vulnerability Type page, select the type to be edited and click Edit in the Operation column of the target type.
7. On the displayed page, edit the parameter information of the corresponding type.

   Table 3 Vulnerability type parameters

   Parameter	Description
   Type Name	Name of a user-defined vulnerability type
   Type Tag	Vulnerability type ID, which cannot be modified.
   Startup Status	Set the enabling status of the vulnerability type:
   Description	Description of a user-defined vulnerability

8. In the lower right corner of the page, click OK.

Managing a Vulnerability Type

1. Log in to the management console.
2. Click in the upper part of the page and choose Security > SecMaster.
3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 9 Workspace management page
   

4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
   Figure 10 Type Management page
   

5. On the Type Management page, click the Vulnerability Type tab.
6. On the vulnerability type tab, manage vulnerability types.
   NOTE:

   • Built-in vulnerability types are enabled by default. You do not need to manually enable them.
   • Currently, the built-in vulnerability types cannot be disabled or deleted.

   Table 4 Managing a vulnerability type

   Operation	Description
   Enable	On the Vulnerability Type page, select the type to be enabled and click Batch Enable. Alternatively, locate the row containing the vulnerability type to be enabled, click Disable in the Status column. In the dialog box displayed, click OK. If the system displays a message indicating that the operation is successful and the status of the target type changes to Enable, the target type is enabled successfully.
   Disable	On the Vulnerability Type page, select the type to be disabled and click Batch Disable. Alternatively, locate the row containing the vulnerability type to be disabled, click Enable in the Status column. In the dialog box displayed, click OK. If the system displays a message indicating that the operation is successful and the Status of the target type changes to Disable, the target type is disabled successfully.
   Delete	On the Vulnerability Type tab, select the vulnerability type to be deleted and click Delete in the Operation column. In the displayed dialog box, enter DELETE and click OK.