Vulnerability feeds
This area lists all vulnerability feeds which are used by SINEC Security Guard - both vulnerability feeds which are native part of SINEC Security Guard and vulnerability feed which became added to your tenant manually. A vulnerability feed is a source of information about vulnerabilities of products and assets. Vulnerability feeds are required to equip SINEC Security Guard with information about vulnerabilities in the given inventory. Vulnerability feeds are compiled by manufacturers, vendors, organizations, or other stakeholders.
SINEC Security Guard allows to incorporate vulnerability feeds ④ that use the standardized CSAF format. This format enables to map huge amounts of vulnerability information onto a given inventory, including recommendations on how to deal with each specific vulnerability of a product.
Each vulnerability feed indicates its publisher ⑦, the URL ⑧, and the date when information was retrieved last ⑨ as well as the amount of vulnerabilities which came by that retrieval ⑩.
When adding a new vulnerability feed by using the add functionality ④, you need to enter the name of the publisher ⑯ (max. 64 characters) and the URL of the feed ⑰. You can get the URL directly from the publisher - in many cases these are the manufacturers/vendors of assets. You may type or paste ⑮ the URL in the respective input field.
Note After adding a new vulnerability feed, vulnerability information is fetched from the new source ⑪. This process may take some minutes, and during this the new vulnerability feed cannot be deleted again.
The retrieval date will update each time the connection between SINEC Security Guard and the vulnerability feed had been established and information had been exchanged - independent of finding any new advisories for any of the assets in the inventory.
The copy button ⑥ copies the URL of the respective vulnerability feed into the clipboard - e.g. for usage in other tools.
The delete button ⑤ allows to delete a manually added vulnerability feed, so that no further information about vulnerabilities will be retrieved. Finally deleting a feed ㉒ will stop receiving vulnerabilities from this and will delete all associated vulnerabilities and related tasks.
Note SINEC Security Guard allows you to add 3rd party advisory feeds to your customer tenant. Please enter any 3rd party advisory feed for which you are authorized to so only. Siemens will manage any such feed on your behalf. You need to accept these conditions ② to use 3rd party vulnerability feeds with SINEC Security Guard. A vulnerability may be communicated by several vulnerability feeds in parallel. A publisher may offer a vulnerability feed and use it to describe vulnerabilities for own products and/or for products of other manufacturers.
| Number | Description |
|---|---|
| ① | Total number of vulnerability feeds |
| ② | Search field |
| ③ | Indicator for manually added vulnerability feed |
| ④ | Add button |
| ⑤ | Delete button |
| ⑥ | Copy button |
| ⑦ | Publisher name |
| ⑧ | Feed URL |
| ⑨ | Date of latest retrieval |
| ⑩ | Number of vulnerabilities |
| ⑪ | Notification on fetching vulnerabilities |
| Number | Description |
|---|---|
| ⑫ | Button to reject conditions |
| ⑬ | Button to accept condition |
| Number | Description |
|---|---|
| ⑭ | Cancel button |
| ⑮ | Button to paste from clipboard |
| ⑯ | Input field for publisher name |
| ⑰ | Input field for feed URL |
| ⑱ | Button to cancel the adding process |
| ⑲ | Button to add the feed |
| Number | Description |
|---|---|
| ⑳ | Button to cancel the deletion process |
| ㉑ | Button to cancel the deletion process |
| ㉒ | Button to delete the feed |