Updated on 2024-10-29 GMT+08:00

Managing Vulnerability Types

Scenario

This section describes how to manage vulnerability types. The detailed operations are as follows:

Limitations and Constraints

  • Currently, the built-in vulnerability types of the system do not support customized layouts.
  • Built-in vulnerability types are enabled by default and cannot be edited, enabled, disabled, or deleted.
  • After a user-defined vulnerability type is added, the type ID cannot be modified.

Viewing Existing Vulnerability Types

  1. Log in to the management console.
  2. Click in the upper part of the page and choose Security > SecMaster.
  3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
  4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
  5. On the Type Management page, click the Vulnerability Type tab.
  6. On the Vulnerability Type tab page, view details about existing vulnerability types. For details about the parameters, see Table 1.

    Table 1 Vulnerability type parameters

    Parameter

    Description

    Type Name/Type Tag

    Name and tag of a vulnerability type

    Associated Layout

    Layout associated with the vulnerability type.

    Startup Status

    Indicates the enabling status of a vulnerability type:

    • Enabled: The current type has been enabled.
    • Disabled: The current type has been disabled.

    Built-in

    Indicates whether the vulnerability is a built-in vulnerability type.

    Description

    Description of a vulnerability type

    Operation

    You can edit and delete vulnerability types.

Adding a Vulnerability Type

  1. Log in to the management console.
  2. Click in the upper part of the page and choose Security > SecMaster.
  3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
  4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
  5. On the Type Management page, click the Vulnerability Type tab.
  6. On the Vulnerability Type page, click Add. On the Add Vulnerability Type slide-out panel, set type parameters.

    Table 2 Vulnerability type parameters

    Parameter

    Description

    Type Name

    Name of the vulnerability type to be added.

    Type Tag

    Enter the vulnerability type ID. The keyword must comply with the upper camel case naming rules, for example, TypeTag.

    Startup Status

    Indicates the enabling status of the vulnerability type:

    Description

    Description of a user-defined vulnerability

    After a user-defined vulnerability type is added, the Type ID cannot be modified.

  7. In the lower right corner of the page, click Confirm.

    After the threat intelligence type is added, you can view the new type in the table on the Vulnerability Type page.

Associating a Vulnerability Type with a Layout

Currently, built-in vulnerability types do not support customized layouts.

  1. Log in to the management console.
  2. Click in the upper part of the page and choose Security > SecMaster.
  3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
  4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
  5. On the Type Management page, click the Vulnerability Type tab.
  6. On the Vulnerability Type page, select the vulnerability type to be associated with a layout and click Associated Layout in the Operation column of the target type.
  7. In the Associate Layout dialog box, select the target layout and click OK.

Editing a Vulnerability Type

  • Currently, the built-in vulnerability types cannot be edited.
  • After a user-defined vulnerability type is added, the type ID cannot be modified.
  1. Log in to the management console.
  2. Click in the upper part of the page and choose Security > SecMaster.
  3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
  4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
  5. On the Type Management page, click the Vulnerability Type tab.
  6. On the Vulnerability Type page, select the type to be edited and click Edit in the Operation column of the target type.
  7. On the displayed page, edit the parameter information of the corresponding type.

    Table 3 Vulnerability type parameters

    Parameter

    Description

    Type Name

    Name of a user-defined vulnerability type

    Type Tag

    Vulnerability type ID, which cannot be modified.

    Startup Status

    Set the enabling status of the vulnerability type:

    Description

    Description of a user-defined vulnerability

  8. In the lower right corner of the page, click OK.

Managing a Vulnerability Type

  1. Log in to the management console.
  2. Click in the upper part of the page and choose Security > SecMaster.
  3. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
  4. In the navigation pane on the left, choose Security Orchestration > Objects. On the displayed page, click the Type Management tab.
  5. On the Type Management page, click the Vulnerability Type tab.
  6. On the vulnerability type tab, manage vulnerability types.

    • Built-in vulnerability types are enabled by default. You do not need to manually enable them.
    • Currently, the built-in vulnerability types cannot be disabled or deleted.
    Table 4 Managing a vulnerability type

    Operation

    Description

    Enable

    1. On the Vulnerability Type page, select the type to be enabled and click Batch Enable.

      Alternatively, locate the row containing the vulnerability type to be enabled, click Disable in the Status column.

    2. In the dialog box displayed, click OK.

      If the system displays a message indicating that the operation is successful and the status of the target type changes to Enable, the target type is enabled successfully.

    Disable

    1. On the Vulnerability Type page, select the type to be disabled and click Batch Disable.

      Alternatively, locate the row containing the vulnerability type to be disabled, click Enable in the Status column.

    2. In the dialog box displayed, click OK.

      If the system displays a message indicating that the operation is successful and the Status of the target type changes to Disable, the target type is disabled successfully.

    Delete

    1. On the Vulnerability Type tab, select the vulnerability type to be deleted and click Delete in the Operation column.
    2. In the displayed dialog box, click OK.