In FutureVuls, there is a feature for sharing vulnerability information by group or organization called “Topics”. This is a feature for posting investigation results and danger levels of vulnerabilities, and sharing knowledge within an organization.
Topics can be displayed and created by selecting “Topics” after selecting a vulnerability from the vulnerability list.
Open the topic screen, enter a title and comment, and submit to create a topic.
You can also send emails to members of the target organization or group when creating a new topic. This can be used to alert members about dangerous vulnerabilities or to share response status with other groups.
On the topic screen, click the edit button next to the topic to edit it.
Editing a topic can only be done by the user who posted the topic or a group administrator.
On the topic screen, click the delete button next to the topic to delete it.
Deleting a topic can only be done by the user who posted the topic or a group administrator.
You can view and add comments by expanding the topic.
Comments on a topic can also be edited or deleted, but only by the user who posted the topic or a group administrator, just like the topic itself.
Vulnerability topics can be shared with organizations.
By turning on “Share CVE Topics with Other Groups in the Organization” in group settings, organization topics can be created and displayed.
Select “Organization Topic” when creating a topic to create an organization topic. You can also add comments to organization topics just like group topics.
Organization topics can be edited or deleted like regular group topics, but only the user who created the topic or the organization owner can perform these actions.
Organization topics and regular group topics are displayed together.
When posting to the topic feature that allows vulnerability information to be shared on a per-vulnerability basis, you can specify “Danger”. Vulnerabilities specified as “Danger” are highlighted prominently in vulnerability lists and detailed display screens, making it easier for the company’s security department to alert essential vulnerabilities that require attention.