Monitoring vulnerabilities

Before you begin

• Configure BMC Helix Automation Console in your system. For more information, see Setting up BMC Helix Automation Console.
• Configure the BMC Discovery connector in BMC Helix Automation Console. For more information, see Configuring the BMC Discovery connector.
• Enable the Vulnerabilities feature from the Configurations page in BMC Helix AIOps. For more information, see Enabling-the-AIOps-features.
• Assign additional permissions to the Vulnerability Manager in BMC Helix Portal. For more information, see Vulnerability Manager permissions.
• Contact BMC Helix Support to enable the following BMC HelixGPT-powered features:
  • Automatic assignment of categories to vulnerabilities
  • Generation of vulnerability summaries and best action recommendations for remediation

           For more information, see Agentic AI capabilities in BMC Helix AIOps.

To monitor all services

1. On the BMC Helix AIOps console, click Risks and then click Vulnerabilities to view the Top Impacted Services table.
   The services affected by vulnerabilities are filtered and displayed according to their Risk score. By default, only the top five services are displayed in the Top Impacted Services table.
2. Click View all to expand the list of services.
   
3. The following information is displayed:
   • Service name
   • Risk Score: The risk score is based on the service criticality and the CVSS score imported from BMC Helix Automation Console.
   • Critical Vulnerabilities: The number of vulnerabilities in the critical state that are affecting the service.
   • Impacted Assets: The number of assets related to the services that are impacted by critical vulnerabilities.
4. To investigate a service, click a service name. 
   The service details page is displayed, which helps you investigate a service. For more information, see To investigate vulnerabilities for an impacted service.

To monitor the workload of remediation owners

1. On the BMC Helix AIOps console, click Risks and then click Vulnerabilities to view the Top Remediation Owners table.
   The remediation owners are filtered and displayed according to the number of open vulnerabilities assigned to them. By default, only the top five remediation owners are displayed in the Top Remediation Owners table.
2. Click View all to expand the list of services.
3. The following information is displayed:
   • Remediation owner name: The user or user group that owns the vulnerability.
   • Assigned vulnerabilities: The number of vulnerabilities assigned to the remediation owner.
   • Impacted assets

To monitor all vulnerabilities

1. On the BMC Helix AIOps console, click Risks and then click Vulnerabilities to view the Top Vulnerabilities table.
   The vulnerabilities are filtered and displayed according to their Risk score. By default, only the top five vulnerabilities are displayed in the Top Vulnerabilities table.
2. Click View all to expand the list of vulnerabilities.
   
3. The following information is displayed:
   • Vulnerability name
   • CVE-ID
   • Risk Score: The risk score is based on the service criticality and the CVSS score imported from BMC Helix Automation Console.
   • Severity: Severity level assigned by the scanner connector.
   • CVSS Score: The CVSS V3 score is assigned by the NIST NVD.
   • Impacted Assets: The number of assets impacted by the vulnerability.
   • First Reported: The date the vulnerability instance was first recorded.
   • Status of the vulnerability instance
     • Affected
     • Not Affected
     • Under Investigation
   • Categories: Categories assigned to the vulnerabilities according to their area of impact.
     • Categories can be created and assigned by using the REST API. For more information, see Assigning categories to vulnerabilities by using REST API.
     • You can leverage BMC HelixGPT to automatically assign categories to newly ingested vulnerabilities that do not already have a category. For more information, see Risks overview.
       • The Categories column header has the information icon  by default, indicating that automatic categorization is not enabled.
       • If automatic categorization is enabled, the Categories column header has the BMC HelixGPT sparkles  , indicating that the assigned categories are AI-generated.
       • If a category is manually assigned or updated, a manual edit icon  appears next to the assigned category to indicate user intervention.
         Information

         Important

         To enable BMC HelixGPT, contact BMC Helix Support. BMC Helix Support will enable the feature flag to trigger automatic assignment of categories to vulnerabilities.

4. (Optional) To assign a category to a vulnerability or to update an assigned category from the UI, perform the following steps:

   1. Click the Action menu against the vulnerability and select Update Categories.
   2. Select the required categories in the Update Categories window.
      You can select up to four categories.
   3. Click Save.
      You can assign multiple categories to a vulnerability. 
      

5. (Optional) Click Show/Hide Columns and select the columns that you want to view in the Vulnerabilities section.
   The CVE IDs, Risk Score, Severity, CVSS Score, Impacted Assets, and First Reported columns are displayed by default. You cannot remove the Name column from the table.

Where to go from here

Click a service or vulnerability name to investigate it further:

• To investigate vulnerabilities for an impacted service
• To investigate a vulnerability