Managed Risk

Risk Dashboard

Updated Jan 25, 2024

Review Arctic Wolf Agent vulnerability debug scans

Arctic Wolf® Agent vulnerability debug scans produce a detailed HTML debug report that describes how a vulnerability was detected on a device. It includes the file or registry settings, and the logic that triggered the risk. Use this procedure to help you interpret the HTML debug report. You can also send your HTML debug reports to your Concierge Security® Team for analysis.

  1. Create an HTML debug report.

    See Arctic Wolf Agent Debug Scans for more information.

  2. Open the HTML debug report in a web browser.

    Note: It may take some time to completely load the report. When the pie chart at the top of the page is fully rendered, the loading is complete.

  3. In the Rule Results Summary section, click the FAIL filter to view only the failed tests.

  4. Click the applicable vulnerability to see more information.

  5. Review the Result Component Logic for logic conditions that are green. This indicates that the conditions matched the logic Arctic Wolf uses to determine if a vulnerability exists.

    For example:

    Result Component Logic

  6. Click OVAL TEST to view more information.

    The file value or registry value and logic displays.

    For example:

    OVAL TEST details

  7. If the vulnerability is for a File State, click show untested values.

    Information displays about the file that triggered the vulnerability detection.

    For example:

    File state information