Application security widget
Information about tracking vulnerable apps and app vulnerabilities from the Application security widget.
From the MaaS360 Portal Home page, go to the Security Management section and select . The Application security widget is displayed in the Security Dashboard.
- The total count of vulnerable third-party apps installed on devices across your organization, along with the number of apps with critical vulnerabilities.
- The top 5 vulnerable apps in your organization (sorted by severity), number of impacted devices, total vulnerabilities per app, and the corresponding operating system. Click the View details link to go to the Application security page, where you can access a comprehensive list of all vulnerable third-party apps deployed across your organization.
Exploring the Application security page
- Actions Log: This icon is displayed at the top-right corner of the page. Click the icon to access the Actions page to view the action log for remediation actions performed by administrators in the Application Security dashboard. You can also track the status of these actions, and the page displays data for the past 6 months. For more information, see Tracking the status of security actions.
- Vulnerable apps
- Count: View the total count of vulnerable third-party apps installed on devices, along with the number of apps with critical vulnerabilities.
- Graph: Visualize the distribution of vulnerable apps categorized by severity, with critical, high, medium, and low vulnerabilities highlighted using distinct color codes.
- Vulnerabilities: The vulnerabilities in an organization are categorized into the following tabs. To access each category, click on the corresponding tab:
- Top critical vulnerabilities: Displays the top 5 critical vulnerabilities in the third-party apps installed on devices within an organization. The ranking is determined based on the CVEs having the highest CVSS scores. In instances where multiple CVEs share the same CVSS score, the one affecting the highest number of devices takes precedence at the top.
- New vulnerabilities in organization: Displays the most recently discovered top 5 vulnerabilities found in third-party apps installed on devices within an organization. The ranking is based on the highest number of devices affected by app vulnerabilities with critical severity.
When you click on a CVE, MaaS360 presents the vulnerability details and the list of apps that are affected by the vulnerability. You can perform remediation actions to address the vulnerabilities. For more information on remediation, see Remediating vulnerable apps from the Application Security widget.
Click the View all vulnerabilities link to navigate to the Vulnerabilities page, where you can access a comprehensive list of all vulnerabilities in third-party apps deployed across your organization.
The Vulnerabilities page displays the following details:
- Overview: Displays the total count of vulnerabilities in an organization. It also displays a graph that represents the distribution of vulnerabilities categorized by severity, with critical, high, medium, and low vulnerabilities highlighted using distinct color codes.
- Vulnerability age matrix: The view is categorized into two sections. You can access each section by selecting one of the following items from the drop-down list:
- Published on NVD: Displays the vulnerabilities within an organization based on their publication dates on the National Vulnerability Database (NVD), categorizing them into groups of 0-30 days, 31-60 days, 61-90 days, and greater than 90 days. The presentation also includes the percentage held by each category, along with the total count for each section.
- Detected in org: Displays the vulnerabilities within an organization based on their detected date in MaaS360, categorizing them into groups of 0-30 days, 31-60 days, 61-90 days, and greater than 90 days. The presentation also includes the percentage held by each category, along with the total count for each section.
- List of vulnerabilities: List of all vulnerabilities in third-party apps installed on devices within an organization. You can apply filters to narrow down the displayed vulnerabilities and search for specific vulnerabilities by entering CVE ID in the search box.
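The ranking rule for Top critical vulnerabilities and the four age groups of the Vulnerability age matrix, as an added example (not MaaS360 code or a MaaS360 export format) that reproduces both over constructed records. The record fields, the placeholder CVE IDs, and the use of the CVSS v3 cut-off of 9.0 for "critical" are assumptions.

```python
from datetime import date

# Constructed sample inventory (not MaaS360 output). CVE IDs are placeholders.
SAMPLE = [
    {"cve": "CVE-0000-0001", "cvss": 9.8, "devices": 12, "published": date(2024, 6, 20), "detected": date(2024, 6, 25)},
    {"cve": "CVE-0000-0002", "cvss": 9.8, "devices": 40, "published": date(2024, 5, 15), "detected": date(2024, 6, 1)},
    {"cve": "CVE-0000-0003", "cvss": 10.0, "devices": 3, "published": date(2024, 4, 10), "detected": date(2024, 4, 20)},
    {"cve": "CVE-0000-0004", "cvss": 7.5, "devices": 90, "published": date(2023, 12, 1), "detected": date(2024, 2, 1)},
    {"cve": "CVE-0000-0005", "cvss": 9.1, "devices": 7, "published": date(2024, 6, 30), "detected": date(2024, 6, 30)},
    {"cve": "CVE-0000-0006", "cvss": 9.0, "devices": 1, "published": date(2024, 3, 1), "detected": date(2024, 5, 1)},
    {"cve": "CVE-0000-0007", "cvss": 9.3, "devices": 5, "published": date(2024, 5, 31), "detected": date(2024, 6, 10)},
    {"cve": "CVE-0000-0008", "cvss": 5.0, "devices": 2, "published": date(2024, 5, 30), "detected": date(2024, 6, 5)},
]

# Age groups used by the matrix: (label, min days, max days or None for open-ended).
BUCKETS = [("0-30 days", 0, 30), ("31-60 days", 31, 60),
           ("61-90 days", 61, 90), (">90 days", 91, None)]

def top_critical(vulns, limit=5):
    """Highest CVSS score first; equal scores ordered by most affected devices."""
    critical = [v for v in vulns if v["cvss"] >= 9.0]  # assumed CVSS v3 "critical" range
    return sorted(critical, key=lambda v: (-v["cvss"], -v["devices"]))[:limit]

def age_matrix(vulns, today, field="published"):
    """Return {bucket label: (count, percent)} for the chosen date field.

    field="published" mirrors the "Published on NVD" view and
    field="detected" mirrors the "Detected in org" view.
    """
    counts = {label: 0 for label, _, _ in BUCKETS}
    for v in vulns:
        age = max(0, (today - v[field]).days)  # a future date counts as age 0
        for label, lo, hi in BUCKETS:
            if age >= lo and (hi is None or age <= hi):
                counts[label] += 1
                break
    total = len(vulns)
    return {label: (n, round(100 * n / total, 1) if total else 0.0)
            for label, n in counts.items()}

if __name__ == "__main__":
    today = date(2024, 6, 30)
    print([v["cve"] for v in top_critical(SAMPLE)])
    print(age_matrix(SAMPLE, today, "published"))
    print(age_matrix(SAMPLE, today, "detected"))
```

Comparing the two matrices for the same inventory shows how long published vulnerabilities sat undetected, which neither view shows on its own.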
When you click on a CVE, MaaS360 presents the following details in a slide-over window:
- Vulnerability details: Provides an overview of the total number of devices affected by the CVE, the evaluated Base score, Impact score, and Exploitability score generated by the National Vulnerability Database (NVD) for the selected CVE. Clicking on View more information on NVD allows you to access additional details about the selected CVE. For more information on the NVD (National Vulnerability Database), visit https://nvd.nist.gov/.
- List of affected apps: Lists the apps that are affected by the CVE, including version number, operating system, and total number of devices affected by the app.
When you click on an app name, MaaS360 presents the following details in a slide-over window:
- App details: Includes information about the app, such as the vendor, the operating system platform it belongs to, and the latest available version.
- Vulnerability details
- Affected devices: Lists the devices affected by the CVE, including device name, username, managed status, and the last reported time. Click Update all to latest version to remediate app vulnerabilities by updating to the latest version or uninstalling the app from devices. You can also send email and device notifications to inform users about app vulnerabilities. For more information on remediation, see Remediating vulnerable apps from the Application Security widget.
- List of vulnerable apps: Access a comprehensive list of all the vulnerable third-party apps installed on devices within your organization. By default, the list is sorted based on the security posture of the vulnerable apps. You can also sort the data using the Device Impacted column to prioritize apps with the highest number of affected devices. You can apply filters to narrow down the displayed apps based on criteria such as operating system and vulnerability severity. You can also search for apps by entering the application name in the search box.
Clicking on an application name provides additional details, including the complete security assessment and the overall impact of detected vulnerabilities on an application. When you click on an app name, MaaS360 presents the following information in a slide-over window:
- Actions Log: Access the Actions page to view the action log for remediation actions performed by administrators on the selected app in the Application Security dashboard. You can also track the status of these actions, and the page displays data for the past 6 months. For more information, see Tracking the status of security actions.
- App Details: Includes information about the app, such as the vendor, the operating system platform it belongs to, and the latest available version.
- Security Assessment: Presents a comprehensive security assessment for the app, highlighting the total number of vulnerabilities detected and the count of vulnerabilities with critical severity.
- Versions Detected: Lists the various versions of the app installed on devices within the organization. Each version is accompanied by the number of vulnerabilities identified in that specific version and the count of devices where the version is installed. The versions are sorted based on severity, with those having the highest number of critical vulnerabilities listed at the top. Additionally, the table data can be sorted using the Devices impacted column, prioritizing versions that are installed on a larger number of devices. You can also perform a search by entering the version number.
- Update all to latest version: Use the options in this drop-down list to remediate app vulnerabilities by updating to the latest version or uninstalling the app from devices. You can also send email and device notifications to inform users about app vulnerabilities. For more information on remediation, see Remediating vulnerable apps from the Application Security widget.
Click on a specific version number to view the details about the devices affected by vulnerabilities in that version in a slide-over window.
- Actions Log: Access the Actions page to view the action log for remediation actions performed by administrators on the selected app in the Application Security dashboard. You can also track the status of these actions, and the page displays data for the past 6 months. For more information, see Tracking the status of security actions.
- CVE: Allows you to select a Common Vulnerability and Exposure (CVE) value to view the evaluation scores generated for that CVE.
- Vulnerability Details: Provides an overview of the evaluated Base score, Impact score, and Exploitability score generated by the National Vulnerability Database (NVD) for the selected CVE. Clicking on View more information on NVD allows you to access additional details about the selected CVE. For more information on the NVD (National Vulnerability Database), visit https://nvd.nist.gov/.
- Device Details: Displays the details of devices that are impacted by vulnerabilities in a specific version of an app. This includes device name, username, managed status, and the last reported time.
- Update all to latest version: Use the options in this drop-down list to remediate app vulnerabilities by updating to the latest version or uninstalling the app from devices. You can also send email and device notifications to inform users about app vulnerabilities. For more information on remediation, see Remediating vulnerable apps from the Application Security widget.