Power Search Your Way Through the Vulnerability Haystack

Aug 22, 2011
Jeff Heuer
Chief of Design, Co-founder

Share with Your Network

We’re pleased to announce a powerful new vulnerability search architecture for Risk I/O! Users can now search and filter their vulnerabilities more easily than ever before. The heart of this new functionality is a set of filters that can be mixed-and-matched to generate the specific query that meets your needs.

Individual filters can be expanded to view their possible values, and alongside each value a count is displayed of the number of matching vulnerabilities. Selecting multiple values for a given filter will return a wider data set, while restricting your search to a single value lets you narrow in on vulnerabilities matching very specific criteria.

You could start by looking at all your vulnerabilities tagged “OWASP”, “PCI” and “DMZ”. From there, narrow your results down to vulnerabilities discovered in the last month. Add a further refinement that only high-threat results should be returned. It’s your data, explore it how you want — the possibilities are endless, and we’re expanding the types of metadata available to filters quickly.

While we were at it, we made some improvements to the existing search functionality as well. Our primary search box is still the quickest way to scan your vulnerabilities for specific text or keywords. In combination with other searches, you can use our numeric sliders to limit the results you see based on asset priority, threat level, severity level, and/or overall vulnerability score. Filtering by tag supports boolean criteria: use “any” (boolean OR) or “all” (boolean AND) to specify the tag search logic you’d like to use. As a bonus, all of these searches run faster than ever before.

Combine multiple filters. Vulnerability counts help you understand the nature of your risks.

We hope these enhancements will allow our users to understand and remedy the vulnerabilities they face more quickly and easily. As always, we’d love to hear from you if you have ideas about how we can better achieve this.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.