Skip to content

Roles#

Roles are a feature for grouping servers.

You can create roles with names such as db or app to organize servers for better visibility and to set the CVSS environmental metrics for recalculating CVSS scores for each environment.

A role named default is created when a group is created.

Role List#

You can manage all created roles from the list.

Role List

The order of the items in the list, as well as their visibility, can be configured on this page.

Item Details Update Timing
Role ID The ID of the role. None
Role Name The name of the role. Can be set and changed on the screen. When changing a role.
Total Servers The number of servers belonging to the role. When updating a server.
CR(Confidentiality Requirement) Corresponds to the Security Requirements of the target system in the CVSS environmental metrics. This value is used to recalculate the CVSS score and defines the requirement for confidentiality. When changing a role.
IR(Integrity Requirement) Corresponds to the Security Requirements of the target system in the CVSS environmental metrics. This value is used to recalculate the CVSS score and defines the requirement for integrity. When changing a role.
AR(Availability Requirement) Corresponds to the Security Requirements of the target system in the CVSS environmental metrics. This value is used to recalculate the CVSS score and defines the requirement for availability. When changing a role.
Open Immediate Tasks The number of tasks associated with servers in the role where the SSVC Priority is "Immediate", the status is "NEW", and they are not hidden. On scan.
Open Out of Cycle Tasks The number of tasks associated with servers in the role where the SSVC Priority is "OutOfCycle", the status is "NEW", and they are not hidden. On scan.
Open Tasks The number of tasks associated with servers in the role where the status is "NEW" and they are not hidden. On scan, or when updating a task.
Ongoing Tasks The number of tasks associated with servers in the role where the status is "INVESTIGATING", "ONGOING", or "DEFER", and they are not hidden. On scan, or when updating a task.
Completed Tasks The number of tasks associated with servers in the role whose status is not "NEW", "INVESTIGATING", "ONGOING", or "DEFER", or that are hidden. On scan, or when updating a task.
All Tasks The total number of tasks associated with servers in the role. On scan.

Add Role#

You can create a new role from the role list.

Add Role

Role Details Pane#

Clicking a role in the list in the first pane will open the details pane.

Details Tab#

In the Details tab, you can view the details of the role.

Role Details

In the Role Details, you can view the role name and change the environmental metrics for the Security Requirements of the target system.

Change Role Name#

You can change the role name in the Role Details. The name of the default role can also be changed.

Security Requirements of the Target System#

Set the CVSS Security Requirements for the servers included in the role. By setting the Confidentiality, Integrity, and Availability requirements according to the environment of each role, you can recalculate the CVSS scores within the vulnerability details.

Common Vulnerability Scoring System CVSS v3 Overview: IPA Information-technology Promotion Agency, Japan

CVE × Tasks#

Tasks and vulnerabilities related to the servers belonging to the selected role are displayed. Clicking a cell in the CVE-ID column will display the vulnerability details, and clicking a cell in any other column will display the task details.

CVE × Tasks

Server・product#

Servers belonging to the selected role are displayed. Servers without vulnerabilities are also displayed.

Server・product

Software#

All software on the servers belonging to the selected role is displayed. Software without vulnerabilities is also displayed.

See also "Software" and "CPE" for more details.

Software Pane

Default Server Role#

A server must always belong to a role. One default server role is selected for each group, and it is indicated by (default) next to the role name in the role list. When a new server is registered (scanned), the default server role is automatically assigned to it.

The default server role can be configured from Group Settings → Group. Group admin privileges are required to view the Group Settings.

default_server_role.png