Comment on page
Assess and prioritize most exploitable vulnerabilities
Helm returns the severity level of vulnerabilities (CVSS v2 and v3 scores), their level of exploitability (EPSS score), and their exploit and threat sources, including indicating if vulnerabilities are on the CISA KEV list, whether they are in the Exploit Database (exploit-db.com) or have a Metasploit toolkit available to make attacks easier, and whether they meet the criteria of the top 25 CWEs (Common Weakness Enumerations).
Once you've analyzed a vulnerability, you can rescore the vulnerability based on your device's particular environment and usage. This aggregate severity, exploitability, and threat information enables you to minimize false positives, focus on critical vulnerabilities that can be exploited first, and strengthen your cybersecurity defenses.
You can easily stay on top of new vulnerabilities as Helm, including those that:
- have an exploit or malware kit available, making exploiting this vulnerability easier
- have suggested Windows KB updates you could resolve by applying the respective KB to the next version of your SBOM (Windows operating systems only)
- have been updated in the NVD
To ensure you're focusing on the most exploitable vulnerabilities, you can create and apply a reusable rescore profile to rescore all vulnerabilities across a product version. You can also rescore individual vulnerabilities manually.
Once you've rescored your vulnerabilities, you can then prioritize the remaining vulnerabilities by filtering down on those that have a combination of high CVSS scores with high exploitability (EPSS) scores, as well as having exploits or threats publicly available.
In the filter bar, you can filter down to exactly what you need. For all filter drop-downs, you can select the Any option or select exactly the options you want to focus on. For text filters, you can just enter the appropriate value.
Filter | Description |
|---|---|
Severity | Filter on critical, high, medium, and low vulnerabilities |
CVSS... | Search for all CVSS scores greater than or equal to the whole number you enter. For example, searching on 8 will give you 8-10.
|
Vuln ID... | Search for a particular vulnerability ID |
Supplier... | Search for vulnerabilities that impact a particular supplier, such as Microsoft. |
Dependency component... | Search for vulnerabilities that impact a particular dependency component, such as Windows. |
CVSS version | If you're only interested in one CVSS version, you can filter on only CVSS v2 scores or only CVSS v3 scores. If a particular version's score is not available, the other version will display.
If one or both scores do not exist, this will show as a blank in the CVSS column. |
Exploit | Filter down on exploits and threats to see vulnerabilities:
|
EPSS score... | Search for all EPSS scores greater than or equal to the whole number you enter. For example, searching on 80 will give you everything 80% or above. |
Start and End date | Select a date range to see all vulnerabilities added or updated in external sources during that timeframe. This does not include updates made by your team during security review and analysis. |
If you’ve previously assessed a vulnerability, but you see an Updated on date display in the Detected on column, this indicates that the vulnerability has been updated. You’ll want to check to make sure that this doesn’t increase its severity for your particular case.