© Copyright MedCrypt 2024, All rights reserved.

Identify and prioritize exploitable vulnerabilities


Last updated 4 months ago


For vulnerability assessment, Helm provides a practical framework for understanding and prioritizing vulnerabilities based on severity, exploitability, and known threats. This article outlines how Helm uses CVSS v2 and v3 scores together with EPSS scores and threat sources: whether a vulnerability is on the CISA KEV list, whether it is in the Exploit Database (exploit-db.com) or has a Metasploit toolkit available that makes attacks easier, and whether it meets the criteria of the top 25 CWEs (Common Weakness Enumerations).

Rescoring vulnerabilities

You can adjust all vulnerability scores across an entire product version based on your device's environment and usage, or choose individual vulnerabilities to rescore. Customizing scores to your device's unique environment and usage recalibrates the severity, exploitability, and threat information into a tailored assessment that minimizes false positives and pinpoints your most exploitable and critical vulnerabilities.

Prioritize what vulnerabilities to focus on

You can easily stay on top of new and updated vulnerabilities:

  • Get email notifications of new vulnerabilities impacting your software supply chain.

  • Identify those with available exploits or malware kits.

  • Patch Windows vulnerabilities with suggested Windows KB updates.

  • Stay updated with information from the National Vulnerability Database (NVD).

To ensure you're focusing on the most exploitable vulnerabilities:

  • Rescore all vulnerabilities across a product version.

Filter on most impactful vulnerabilities

Once you've rescored your vulnerabilities, filter down to those that combine high CVSS scores with high exploitability (EPSS) scores and that have known exploits or threats.

You can filter on the following exploit and threat information for vulnerabilities that:

  • are on the CISA KEV list

  • are in the Exploit Database

  • have a Metasploit toolkit available

  • meet the criteria of the top 25 CWE list

  • have an EPSS score at or above a threshold: enter a number, such as 80, into the EPSS filter. This returns any vulnerabilities with an EPSS score of 80% or above.
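The combination described above (high CVSS, EPSS at or above a percent threshold, plus at least one exploit or threat indicator) as an added, stand-alone Python illustration; this is not Helm's code or API, and the records, CVE identifiers and CWE subset are constructed placeholders.

```python
from dataclasses import dataclass

# Constructed record shape mirroring the filter fields discussed on this page.
@dataclass
class Vuln:
    cve: str
    cvss_v3: float          # CVSS v3 base score, 0.0 to 10.0
    epss: float             # EPSS probability as published by FIRST, 0.0 to 1.0
    on_cisa_kev: bool = False
    in_exploit_db: bool = False
    has_metasploit: bool = False
    cwes: tuple = ()

# Placeholder subset of the CWE Top 25; the full list is maintained by MITRE.
CWE_TOP_25_SUBSET = {"CWE-79", "CWE-787", "CWE-89", "CWE-20", "CWE-125"}

def has_exploit_or_threat(v: Vuln) -> bool:
    """True if any of the exploit/threat sources on this page flags the vulnerability."""
    return (v.on_cisa_kev or v.in_exploit_db or v.has_metasploit
            or any(c in CWE_TOP_25_SUBSET for c in v.cwes))

def prioritize(vulns, cvss_min=7.0, epss_percent=80):
    """Keep vulnerabilities with CVSS >= cvss_min, EPSS at or above the percent
    threshold (80 means 80%), and an exploit/threat indicator; most urgent first."""
    epss_min = epss_percent / 100.0
    hits = [v for v in vulns
            if v.cvss_v3 >= cvss_min and v.epss >= epss_min and has_exploit_or_threat(v)]
    # Rank KEV entries first, then by EPSS, then by CVSS.
    return sorted(hits, key=lambda v: (v.on_cisa_kev, v.epss, v.cvss_v3), reverse=True)

# Constructed sample input; the CVE ids are placeholders, not real advisories.
SAMPLE = [
    Vuln("CVE-0000-0001", 9.8, 0.97, on_cisa_kev=True, cwes=("CWE-787",)),
    Vuln("CVE-0000-0002", 7.5, 0.85, in_exploit_db=True),
    Vuln("CVE-0000-0003", 9.1, 0.12),                        # critical, but no exploit signal
    Vuln("CVE-0000-0004", 5.3, 0.91, has_metasploit=True),   # exploitable, but medium severity
    Vuln("CVE-0000-0005", 8.8, 0.80, cwes=("CWE-79",)),      # exactly at the 80% threshold
]

if __name__ == "__main__":
    for v in prioritize(SAMPLE):
        print(v.cve, v.cvss_v3, v.epss)
```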

Bulk remediate vulnerabilities

Bulk remediate vulnerabilities within a product, across products, or target a particular component's vulnerabilities with the click of a button. This speeds triage and keeps the remediation of a given vulnerability consistent across your product portfolio.

Check for updates to a vulnerability

If you've previously assessed a vulnerability, you can turn on the Date updated column to see whether there have been any updates since then.

Check for new vulnerabilities

If you've turned on vulnerability email notifications, Helm will automatically send you an email whenever there is a new vulnerability.
