Searching CVITs Based on FIN (Container Detections)

SeleneEid

As a vulnerability analyst/manager, we are looking for the ability to search CVITs based on the underlying detections (FIN) associated with the CVIT. The biggest reason that we are looking for the ability to search for this is that the fixed version for CVITs lives in the FIN records, and we would like to create an exception rule that looks for any CVITs that have an FIN with no fixed version and automatically puts them into a deferred state. Today the ability to dot-walk to the FIN from the CVIT does not exist, so I'm wondering if there is anything we can do to achieve this.

We have a very large environment, therefore having the IT Remediation Owners submit an exception for every CVIT that has a detection with no fixed version would be an impossible task to keep up with.

I'm wondering if there is a way for me to search for FIN123456 and get all of the CVITs that have that finding associated with them? Or are there any dashboarding capabilities that would give me a similar solution?
