Vulnerability Classification

Related topics and videos

Vulnerability Classification analyzes the details of a newly ingested vulnerability without an assigned category. It determines the most appropriate category or, if none is suitable, the agent can create a new category and assign it automatically. It simplifies vulnerability categorization and helps you achieve the following goals:

Reduce manual effort
Improve categorization accuracy
Make sure that vulnerabilities are routed to the appropriate remediation teams

Vulnerability Classification capabilities

Vulnerability Classification provides the following capabilities:

Assign categories to newly ingested vulnerabilities
Create new categories and assign them to newly ingested vulnerabilities

Scenario

Scenario: Automatically assign categories to newly ingested vulnerabilities

Sofia, a DevOps Engineer at Apex Global IT, uses BMC Helix Vulnerability Resolver to monitor the vulnerabilities impacting her organization's services.

She successfully completes a Rapid7 scan of the assets and generates a report of all the vulnerability instances ingested into BMC Helix Automation Console. These vulnerability instances are also reflected on the Risks > Vulnerabilities page in BMC Helix AIOps.

As she has enabled auto-categorization, she observes that newly ingested vulnerabilities without categories are automatically categorized by the Vulnerability Classification agent.

Now, she only has to review the assigned categories and update only those that need modification.

Sofia can rely on BMC HelixGPT to reduce the time and manual effort required for assigning categories, reduce errors caused due to manual assignment, and make sure vulnerabilities are instantly routed to the right remediation team.

Agent type, skills, and prompts

Agent type:
Vulnerability Classification Agent: Creates and assigns categories to newly ingested vulnerabilities to make sure that vulnerabilities are routed to the appropriate remediation teams
Out-of-the-box skill: No
Out-of-the-box prompts: No
Supported model:
Model name Provider Host
HelixGPT-v7 BMC Helix
Microsoft Azure ML
Google Cloud Project Vertex AI
For more information, see Models in BMC HelixGPT.

Model name	Provider	Host
HelixGPT-v7	BMC Helix	Microsoft Azure ML Google Cloud Project Vertex AI

User roles and permissions

Make sure that you have the following roles and permissions to configure and use the Vulnerability Classification agent:

Product	Role	Description	Reference
BMC Helix AIOps	Vulnerability Manager	By default, vulnerability managers have access to the Vulnerability Classification agent.	Roles and permissions

Process overview

The following diagram explains the tasks required to configure and use Vulnerability Classification:

Vulnerability classification agent_process

Before you begin

Make sure that you have the appropriate license for using the following products:

Product	Licenses required (SaaS)	Licenses required (on-premises)
BMC Helix AIOps (includes the BMC HelixGPT for AIOps service)	BMC Helix AIOps & Observability	BMC Helix IT Operations Management on-premises - License entitlements
BMC Helix Automation Console	BMC Helix Automation Console service	BMC Helix IT Operations Management on-premises - License entitlements

Process to set up Vulnerability Classification

Perform the following tasks to set up Vulnerability Classification:

Product	Task	Description	Reference
BMC Helix AIOps	Configure the agent in BMC Helix Agent Studio.	Add the Model ID to the configuration settings of Vulnerability Classification.	Configuring settings to use the AI-powered capabilities in BMC Helix AIOps
BMC Helix AIOps	Verify Vulnerability Classification functionality.	Verify whether Vulnerability Classification is working as expected after completing the configuration tasks.	Investigating vulnerabilities

Important

You can also contact BMC Helix Support to enable Vulnerability Classification.

Vulnerability Classification use cases

The following table lists where you can view the categories assigned by Vulnerability Classification:

Task	Reference
View the vulnerabilities impacting services	Monitoring vulnerabilities
View detailed information Details of impacted services Details of the vulnerability	Investigate vulnerabilities