FAQs

Active View

Active View provides a consolidated view of web apps and vulnerabilities drawn from previous scans. Drilling down into web apps will display detailed information regarding the vulnerabilities found. Similarly, reviewing vulnerabilities will display affected web apps.

These are the top-five worst web apps with medium, high, and critical vulnerabilities.

See more: Assets At Risk

These are the top-five worst medium, high, and critical vulnerabilities that exist in your environment.

See more: Vulnerabilities You Should Fix

When viewing Vulnerabilities in Active View or the results of a scan, you can select individual vulnerabilities you want to hide.

To open the Hide Vulnerability dialog where you can provide a reason for hiding the vulnerability, select More options > Hide above the table.

Selecting OK hides the vulnerability. You can reveal hidden items by way of the tools menu on the table header bar.

This is done in the same way as hiding vulnerabilities with one exception: Before selecting OK in the Hide Vulnerability dialog, select True, and then select the False positive checkbox. Enter a note, and then select OK.

WARNING: Retiring an asset is not reversible and removes all data from that asset’s history from the account.

The Fortra VM Vulnerability Dictionary (Support > Vuln Dictionary) provides information about known vulnerabilities. The list, which is updated frequently, includes high-level information about specific vulnerabilities and, when appropriate, remediation steps. You can link low-level vulnerability information to this page for users who require greater detail.

Security GPA is the unique grading system used by Fortra VM.

See more: Security GPA

These two concepts comprise the most important aspects of a discovered vulnerability. The "class" is based on the type of threat presented and how it is discovered; "severity" describes the potential of immediate threat.

Possible classes include:

  • Explicit - Conclusive evidence of this item was found.
  • Potential - Indicators of a possible vulnerability were found.
  • Recon - Visible network or asset information that could aid an attacker.
  • Compliance -  Item related to a security standard, such as the Center for Internet Security (CIS) Benchmarks.
  • Malware - Known malware was discovered.

Fortra VM provides a variety of ways to search and filter data.

See more: Find Information in Fortra VM

Scanning

The “Full Scan” scan policy, the default scan policy for VM scans, contains checks for potential CVCs. The “Penetration Test” scan policy does not check for potential CVCs because the focus of a penetration test is on vulnerabilities with exploits.

System Administration

In the Account section of Fortra VM, the Account Profile page has the settings most directly related to your account. Begin here by reviewing the settings your account was set up with.

In the General section, verify your Account name, Time zone, and the other information is accurate.

From the Account page, review the security settings and update if needed. Select Save after you make updates.

See more:Users and Roles

See more:Users and Roles

See more:Users and Roles

See more:Users and Roles

Your scanners are listed in the Scan Settings section of Fortra VM on the Scanners page. The status of each scanner is shown beside the scanner’s name as a colored disc. A green disc indicates the scanner is online, orange is pending, and red is offline.

A scanner profile manages how a scanner interacts with a network. It uses asset rules to limit which IP addresses and ports are available to scan. Additionally, you can designate blackout times that prevent the scanner from beginning a scan during certain hours when network traffic, for example, might already be high. Blackout times are enforced based on the timezone of the assigned scanners. If a scan is triggered during a blackout time, it will delay scanning until the next available time.

Any externally routable IP addresses are reviewed by Fortra VM support to protect against accidental scanning of another network. Pending ranges are automatically flagged for speedy review. Once they are approved, they are active immediately.

You do not need to wait on approval to begin configuring asset groups or even scans. Any target rules created for pending ranges will initially show that range as excluded, but this changes as soon as the range is approved without further action on your part.

An asset is any network resource with an IP address that can be communicated with over various network protocols and scanned. Printers, routers, servers, desktops, laptops, and network appliances are examples of common assets found in a typical environment.

An asset group is a predefined set of assets that can be used as a target for a scan. These are created by specifying rules that describe included assets.

Standard asset groups are defined by IP addresses and hostnames, and associated ports. Dynamic asset groups are built with filter rules that define assets by attributes (for example, All domain controllers).

See more:Asset Groups

The Preferred Hostname setting lets you control how discovered assets display in Fortra VM. Options for preferred hostname include IP address, DNS hostname, and NetBIOS name.

Asset Smart ID allows Fortra VM to automatically assign a universally unique identifier (UUID) to an asset for endpoint correlation.

Enabling Static IP Matching allows the scanner to automatically correlate assets using only IP addresses.

If an asset’s IP address changes and is then scanned using static IP matching, it will display in Active View as a new and unique asset.

NOTE: This setting is ignored in ranges designated as DHCP.

The RNA is a virtual appliance installed on your network for the purpose of running vulnerability scans against your assets. The comprehensive data gathered by the RNA is presented to you on Fortra VM, a web portal that helps you understand and manage your vulnerabilities.

A web application or web app is a computer program or website that runs in a web browser.