Vulnerability dimension
The Vulnerability dimension is used to identify and prioritize Common Vulnerabilities and Exposures (CVEs) data and non-CVE exposures. Based on ingested vulnerability scan data and your vulnerability priority and risk score settings, Concert assesses and prioritizes the vulnerabilities impacting your applications so you know which to address first. Using automation rules, you can automate ticket creation whenever Concert identifies a high priority CVE or exposure.
Concert identifies vulnerabilities reported against a container image, source repository, or runtime virtual machine (VM). You can find CVE-related information in public databases; however, specific details about non-CVE exposures or security issues are not publicly available. Only the generic classification of the type of exposure, not the specific finding, is known publicly.
Refer to the topics in this section to learn more about mitigating vulnerabilities impacting your applications and environments.