This article describes how to find assets, such as computers, services, and EC2 workloads, that are vulnerable to a specific CVE. There are two methods to retrieve this information from the Alert Logic console – you can quickly review the affected assets and related mitigation steps through the Exposures page, or create a report that can be shared and referenced through the Current Vulnerability Finder report. Both methods are described below.
Note: This article applies to Alert Logic® Managed Detection & Response customers who have opted into the new Alert Logic console. For more information on the new console experience, see the Improved Console Dashboards, Navigation, and Exposures knowledge base article.
Use the Exposures Page to Find Specific Vulnerabilities
- In the Alert Logic console, navigate to the Remediations page by selecting the Navigation menu () > Respond > Exposures.
- In the drop-down menu at the top of the page, select Organize by Exposure.
- In Search, enter the CVE.
- Click Open to view the affected assets and remediation steps.
Use the Current Vulnerability Finder Report to Find Specific Vulnerabilities
- In the Alert Logic console, navigate to the Current Vulnerability Finder This report is located at Navigation menu ()> Validate > Reports. On the Reports page, select the Vulnerabilities tab and then click View under Current Vulnerability Finder.
- In the Step 1 section, select the scope for the report.
- In the Step 2 section, enter the CVE to find and press ENTER. A list of matching vulnerabilities displays.
- Select the CVE in the list and then click View All Vulnerability Instances. A list of the vulnerable assets displays.
- Click Download to download the report, which can then be printed or emailed as needed.