Vulnerabilities

What is a vulnerability card?

Vulnerabilities are the weaknesses in systems, exploited by Threat Actors, often using malware. Tracking vulnerabilities is useful, especially if they are in systems and assets you are managing, because it helps prioritize vulnerability management programs. If you can easily track, for example, which vulnerabilities are actively exploited right now, in the wild, then that may help you provide some direction to what to patch first, and what can wait.

How to create a vulnerability card

Creating Vulnerabilities in the workbench

  • Go to the Workbench in the sidebar (go there now with this link)

  • Scroll down to 'Vulnerabilities'

  • Type in the name or code of the Vulnerability you want to create, click on 'create'

  • Wait a minute or two: Liberty91 is looking for relevant reporting and generating a custom description for your new Vulnerability

  • Don't forget to tune its criticality

creating a new vulnerability in the workbench is easy

Creating a Vulnerability in the Vulnerability Overview

  1. Go to 'Vulnerabilities' under your Threat Library in the sidebar. You may have to scroll down a bit.

  2. The top-left card is green, and shows a plus-sign. Type in the name of your new vulnerability and click 'create'.

  3. Wait a minute or two: Liberty91 is looking for relevant reporting and generating a custom description for your new Vulnerability

  4. Don't forget to tune its criticality

simply provide a name or code in the green top-left box

Creating a Threat Actor based on a Suggestion

Sometimes, Liberty91 will suggest new Threat Actors, Malware of Vulnerabilities for in your Threat Library. These are based on events in your dashboards. When you see one that you'd like to keep tracking, just click on it and Liberty91 will collect the relevant reporting and generate a relevant and accurate description for you.

  1. Find the 'Suggested Vulnerabilities' in an Event Card. They are on the side, under the Analysis and the Threat Library Links that already exist.

  2. Click on the Vulnerability you want to create a card for and track

  3. Wait a minute or two: Liberty91 is looking for relevant reporting and generating a custom description for your new Threat Actor

  4. Don't forget to tune its criticality

Clicking on FunnySwitch (for example) would create a new threat card in your Threat Library

Aliases

Vulnerabilities can go by codes, identifiers and nicknames. The vulnerability CVE-2024-4323 for example, is also known as 'Linguistic Lumberjack'. You don't want to create multiple Vulnerability Cards for the same thing, so having a Vulnerability Card named 'Linguistic Lumberjack' with Alias 'CVE-2024-4323' helps capture mentions of both, under the same card.

What is on a vulnerability card?

When you first create a vulnerability card, there will be nothing on it. That's because Liberty91 is still collecting relevant reporting and learning as much as it can about your new vulnerability.

When you create a new vulnerability, there will be nothing to see initially

But once Liberty91 has found relevant reports, it will create a custom, relevant and up-to-date analysis for you, telling you exactly what it is and how it applies to you. If you want to update this (perhaps because new reporting has come out), just click on 'update description'.

A custom, up-to-date and relevant analysis

Additionally, any relevant reports are nicely categorized under the description:

all relevant reporting on this vulnerability
PreviousMalwareNextKeywords

Last updated