The “Qualified vulnerability” is a key concept in Patrowl Dashboard. As the name suggests, qualified vulnerabilities menu only gathers vulnerabilities that really matter. It aims to gather only qualified vulnerabilities in a same place to ease remediation processes and follow-up.
In this menu, you will find different types of vulnerabilities :
Vulnerabilities found by Patrowl and validated manually by a Pentester. Each vulnerabilities reported on your dashboard has been validated and tested by an expert to avoid false positive. Vulnerability pages are gathering all crucial information helping a very quick understanding of the vulnerability, how important it is regarding recent news, and how to patch quickly. Each vulnerability found by Patrowl is also configured with automatic retest so that you can follow easily the remediation process. Vulnerabilities are marked with the Patrowl logo in the list
Vulnerabilities manually created, if you want you can create your own vulnerabilities and manage them thought Patrowl : Use the “New vulnerability” button
Import a “campaign” from the “Campaign” menu used For each campaign carried out from outside Patrowl (by a contractor or internally).
It is important to note that vulnerabilities manually created from the dashboard will not be tested by our Pentester, and no-automatic retest could be performed either.
Vulnerabilities created from Risk Insights Policies: you can if you want create some Risk Insight Policies. These policies allow you to automatically create “Qualified vulnerabilities” from a specific Risk Insights rules, allowing you to follow the vulnerability and the remediation process on compliance use-cases specific to your business context.