Vulnerability Management in Cloud Advisor

The new version of Cloud Advisor identifies and prioritizes vulnerabilities in operating systems, packages and libraries on cloud-based virtual machines.

In this release, a new tool that is simple to use and deploy is included to address questions like:

• What widely exploited vulnerabilities are currently present on public resources?
• Which virtual machines are exposed to the Log4Shell vulnerability?
• Which vulnerabilities should be mitigated first?

Vulnerabilities are identified through an innovative, agentless block storage scan. This approach guarantees 100% infrastructure coverage, rapid product deployment, lower total cost of ownership, and no impact on virtual machine performance.

All vulnerabilities found are prioritized based on the network connectivity and permissions of the object on which they are found. For instance, a vulnerability in Log4Shell discovered on a publicly exposed machine will be given higher priority than a similar vulnerability discovered on a machine not connected to the Internet. Additionally, the algorithms of the Vulristics tool are utilized for prioritization while taking into account a number of variables, such as the type of vulnerability, the CVSS score and the existence of a public exploit. This enables you to concentrate your efforts on fixing the vulnerabilities that actually pose a threat to your infrastructure.