Alert Logic enforces a size limit on the consolidated vulnerability results for an individual asset or host. If the size limit is exceeded, then the consolidated results are not posted for the host, and no vulnerabilities are presented on the Exposures page or vulnerability reports for the host in the Alert Logic console.
As of June 14, 2023, the following two feature enhancements have been enabled to ensure that Managed Detection & Response (MDR) customers are aware if this issue arises and are provided with the proper visibility and guidance to take corrective actions.
- Partial results will now be available in the Alert Logic console, consisting of the highest severity vulnerability instances (up to 2500) for the host. With these partial results, you can start remediating and applying patches on the host to fall below the limit and get complete results.
- A health remediation and exposure are triggered as a warning that only partial results are returned for a host whose vulnerabilities exceed the limit.
New Health Remediation
Health remediations are found in the Alert Logic console at > Respond > Health. The new remediation appears under the Unhealthy: Remediations category of the Health page, and you can filter for Category: Scan to narrow down the list.
The remediation is titled "Apply Patches for Complete Vulnerability Results" and notes in Details for Exposures: "Partial Vulnerability Results Due to Exceeding Limit". This remediation is a confirmation that the vulnerability results for the listed Affected Assets have been limited to the top 2500 out of the total vulnerability instances.
When you see this remediation, follow the security remediation workflow, and apply patches to reduce the number of vulnerabilities. You can use the partial results to address remediations starting with the highest severity.
Once the number of vulnerability instances falls below the individual asset limit, you can return to the remediation on the Health page to Conclude the remediation.
Additional Information
For more information on remediations, refer to the following knowledge base articles: