Aurora Vulnerability Management features
Aurora Vulnerability Management (VM) enables you to discover, assess, and harden your environment against digital risks. This table summarizes the Aurora VM features that are in the Unified Portal.
| Feature category | Feature details | Supporting documentation |
|---|---|---|
| Risk discovery and monitoring | External Vulnerability Assessment (EVA) scans — Scans external-facing assets to understand the digital footprint of your organization and quantify risk exposure. This includes account takeover (ATO) risk detection, Open Worldwide Application Security Project (OWASP) top 10 scanning, and automated sub-domain detection. | |
| Internal Vulnerability Assessment (IVA) scans — Continuously scans all internal IP-connected devices while cataloging core infrastructure, equipment, peripherals, workstations, IoT devices, and personal devices. This includes proactive risk monitoring and stateless scanning and secure transfers. | ||
| Host-Based Vulnerability Assessment — Continuous host-based monitoring, to provide visibility into Windows Server and workstation, macOS, and Linux endpoints. Audit reports identify and categorize assets, reveal system misconfigurations and user behaviors, and highlight vulnerabilities. | ||
| Consolidated views of assets and risks | Asset inventory — A consolidated view of assets discovered by EVA, IVA, and Agent sources for broad visibility. View details about individual assets. | |
| Risk overview — View all unresolved risks on active assets that were identified by EVA, IVA, and Agent sources. View details about the scans in your environment grouped by vulnerability. | ||
| Data filters — Apply filters to data, to refine the data that you want to view, or create custom filter sets to use later. | ||
| Prioritize and remediate vulnerabilities | Routine task guidance — A summary of tasks to complete on a semi-regular basis to help with risk tracking and remediation. | |
| Asset tagging — Gain additional asset context for risk prioritization efforts. Use tags to classify and organize assets, pivot and review assets and risks during hardening efforts, automate asset management, and improve reporting. | ||
| Asset criticality — Apply a pre-defined Asset Criticality to assets that defines the importance, to help with risk mitigation planning. | ||
| Asset category — Apply a pre-defined Category to assets to more accurately identify the purpose of the asset. | ||
| Asset deletion — Remove assets, including assets associated with risks that were identified within the last 24 hours, and Agent assets that were identified within the last 48 hours. | ||
| Risk evidence — View detection finding details for an individual risk to understand why an asset is considered vulnerable and the risk impact on your organization. | ||
| Remediation impact — View assets that will be affected by a specific remediation and the threat exposure impact the remediation will have on your environment. | ||
| Remediation data — Export remediation data into a CSV file, so that you can process, share, or import it into another system. | ||
| Software patching — Automate the remediation of vulnerabilities that were detected by Aurora VM by applying software patches to supported third-party software if Arctic Wolf Agent is installed on the asset. | ||
| Asset rescan — Rescan assets to validate that mitigation efforts were successful.
Note: You can't rescan assets that have a Source of EVA or a State of Inactive.
|
||
| Report and measure success | Risk exposure score — View how at risk your network environment is. The score updates automatically when new risks are found, existing risks are mitigated or accepted, or when the Common Vulnerability Scoring System (CVSS) score for the existing risks change. Arctic Wolf calculates the Risk Exposure Score of an organization based on the number of risks, scan results based on the Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog, and the manually set Asset Criticality of assets. | |
|
Risk metrics dashboard — View your security posture including:
|
||
| Executive summary report — Create and download a summary of your organization's security posture to share with executives and stakeholders. | ||
| Data export — Export the Risks table or remediation data to a CSV file for sharing, analysis, or backup. | ||
| EVA reports — View reports that were previously sent to your organization that contain security-relevant information based on the Aurora VM solution. | ||
| Integrations | Cloud Security Posture Management (CSPM) — Configure an integration between the ticket management system in the Arctic Wolf Unified Portal and your IT service management (ITSM) software. | |
| IT Service Management (ITSM) integration — Create ITSM tickets for risks in the Unified Portal when your ITSM solution is integrated. |