Aurora Vulnerability Management FAQs
This information answers frequently asked questions (FAQs) about Arctic Wolf® Aurora Vulnerability Management(Aurora VM) in the 統合ポータル and helps to clarify some of the behavior differences between the リスクダッシュボード and the 統合ポータル.
Contact your Concierge Security® Team(CST) at security@arcticwolf.com if you have questions that are not answered here.
Q: What features are included with Aurora VM?
A: For more information, see Aurora Vulnerability Management features.
Q: What are the main differences between existing Risk Dashboard and Unified Portal features?
For more information, see Unified Portal and Risk Dashboard feature differences.
Q: Which Risk Dashboard features are not in the Unified Portal yet?
For more information, see Features in the Risk Dashboard that are not in the Unified Portal.
Q: What happens to risks when an asset is deleted?
- The asset Asset State changes to Inactive in the 統合ポータル, and then the asset is removed after 120 days.
- The asset remains in scan schedules in the 統合ポータル until you edit the schedule.
- The Status of any risks associated with the asset change to Resolved in the 統合ポータル, and then those risks are removed after 120 days.
- Agent and 内部脆弱性評価(IVA) scanners remain visible.
- The asset can appear again in the 統合ポータル if an Agent or IVA scanner receives a new signal from it.
- The asset will not appear again in the 統合ポータル if you delete the associated Agent or modify an associated IVA scan.
In the リスクダッシュボード, you cannot delete assets with risks that were identified within the last 24 hours or Agent assets that were identified in the last 48 hours. When you delete an asset:
- The asset is also removed from the 統合ポータル
- When you remove an Agent asset:
- It is automatically removed from scan schedules in the リスクダッシュボード.
- The Agent associated with that asset is no longer visible in the リスクダッシュボード or in the 統合ポータル.
- All risks associated with the Agent are deleted from the リスクダッシュボード.
- If the Agent reconnects, the Agent will reappear in the リスクダッシュボード and in the 統合ポータル.
Q: When I uninstall Agent from an asset, what happens to the risk State?
-
If the asset had only Agent as a Source, the Asset State automatically changes to Inactive, and the Status of all associated risks changes to Resolved.
-
If the asset had more than one Source, for example, Agent, IVA, and DHCP, Agent is no longer listed as a Source on the Asset page, the Asset State and risk Status do not change, and the State of all risks associated with the Agent remains unchanged. In this situation, you must manually set the State of any risks associated with that Agent to Accepted or Mitigated so the risks do not impact your Risk Exposure Score.
Q: What can cause an Asset State to change to Inactive?
-
Arctic Wolf Agent is uninstalled from an asset that only had Agent as a Source.
-
The asset is deleted, and then the asset is removed from the 統合ポータル after 120 days.
Q: When a change is made in the Unified Portal, does it synchronize with the Risk Dashboard?
A: No, synchronization between the リスクダッシュボード and the 統合ポータル ended on October 30, 2025. Arctic Wolf recommends that you use the 統合ポータル for all services now, especially for 内部脆弱性評価(IVA) and Agent risks.
-
Tags — When a tag is added or removed from an asset in the 統合ポータル, the change is not immediately applied to the asset in the リスクダッシュボード. However, there is a daily process that synchronizes asset tag changes made in the リスクダッシュボード with assets in the 統合ポータル.
- Category — The 統合ポータル does not have a Laptop category, but if assets with a Laptop category were imported into the 統合ポータル from the リスクダッシュボード, the Laptop category is seen in the filter list. In the future, the Laptop and Desktop categories will be replaced by the Workstation category.
-
State — If you change this to Accepted or False Positive, the change is needed in both portals.
-
Assignee — The change is needed in both portals.
-
Asset Criticality — The change is needed in both portals.
-
Asset Name — The change is needed in both portals.
-
Due Date — The change is needed in both portals.
-
Bulk updates to Tags, Asset Criticality, and Category are not supported for assets that do not have common filters because you cannot import asset data at this time.
-
We are developing tools so that you can initiate a one-time data migration from the リスクダッシュボード to the 統合ポータル. This will allow you to transfer State and Tags data and other information to the 統合ポータル, but some data is not supported for this transfer.
Q: What is the difference between Risk Exposure Scores?
-
New 統合ポータル algorithm — The score is based on the number of risks, scan results based on the Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog, and the manually set Asset Criticality of assets.
-
Legacy 統合ポータル algorithm — Risks are displayed based on findings related to a specific CVE. Some findings are grouped together based on Arctic Wolf detection logic. All Unresolved risks, even those with a severity risk score of 3.9 and lower, are displayed and included in risk counts.
- リスクダッシュボード — Some default groupings are applied to risks, but these groupings are mainly applied to risks that are associated with Arctic Wolf Agent scans. Only risks with a severity risk score of 4 or higher are displayed and included in the risk counts.
For more information, see Legacy Risk Exposure Score calculation and Risk Exposure Score calculation.
Q: How do you improve your risk score?
A: In the 統合ポータル, track the behavior of risks in your environment and remediate risks on a regular basis. For the biggest impact, remediate risks with the Highest Risk Score and Highest Risk Severity.
For more information, see Routine tasks in the Unified Portal and View assets impacted by remediation.
Q: Will the Risk Dashboard be decommissioned?
A: Yes, in the future, the リスクダッシュボード and Risk Analytics will be decommissioned, but no features or capabilities will be removed in the meantime. In late 2026, Arctic Wolf will provide tools to migrate your リスクダッシュボード data to the 統合ポータル.