About Vulnerability Scan Data

Risk Analyzer measures the risk to your network assets based on simulated network attacks that uncover host vulnerabilities. By correlating vulnerability data from multiple sensors with information about network topology and traffic flow, you can create attack scenarios to analyze overall network vulnerability.

Vulnerability scanners and intrusion detection systems provide useful information about the potential for exploitation of individual hosts, but knowing where vulnerabilities are is less important than knowing what an attacker could do with them.

You must manually import scan data and Common Vulnerabilities and Exposures (CVE) data from the National Vulnerability Database (NVD) into SIP. CVE is a repository of vulnerability data. Security scanners use CVE identifiers to detect network vulnerabilities, create attack graphs, and perform risk calculations for a network.

Importing is completed in the Administration module. More information about Risk Analyzer can be found in the Administration User's Guide, chapter 8: Settings.