Merge pull request #19116 from newrelic/daily-release/Oct-29--2024-12_03

Daily release/oct 29  2024 12 03

src/content/docs/vulnerability-management/dev-workflow.mdx

@@ -26,7 +26,7 @@ To monitor the health of specific applications or services, use our entity scope
 <img
   title="Entity overview"
   alt="Dashboard for the security entity overview page"
-  src="/images/security_screenshot-full_security-overview.webp"
+  src="/images/security_screenshot-entity_security-overview.webp"
 />
 
 <figcaption>
@@ -35,16 +35,16 @@ To monitor the health of specific applications or services, use our entity scope
   </DNT>
 </figcaption>
 
-The security summary page for an entity gives you a high level overview of the security of your application or service. Curated dashboards such as the number of critical vulnerabilities, visualizations of historical new vulnerabilities, and average time to remediation provide a general summary of the current and historical security of your application or service.
+The security summary page for an entity gives you a high level overview of the security of your application or service. Curated dashboards provide you an overall security of your application or service, including:
 
-## Identify and remediate vulnerabilities [#identify-vulnerabilities]
+* Total vulnerabitities
+* Vulnerability exposure window
+* Top 5 vulnerabitites in accordance with the priority rankings
+* Vulnerability breakdown by type
+* Libraries severity breakdown
+* Top library upgrades 
 
-There are two main ways to prioritize vulnerabilities:
-
-* Triage and prioritize vulnerabilities yourself
-* Remediate vulnerabilities assigned to you by your security team or others
-
-### Triage and prioritize [#prioritize]
+## Triage, prioritize, and remediate vulnerabilities [#prioritize]
 
 To view all vulnerabilities open for your service or application, select the <DNT>**Vulnerabilities**</DNT> tab from the entity security overview page:
 
@@ -60,7 +60,7 @@ To view all vulnerabilities open for your service or application, select the <DN
   </DNT>
 </figcaption>
 
-This page shows you all open vulnerabilities and allows you to filter them by attributes such as severity and source. Clicking into a specific vulnerability provides detailed information about its severity, scope, source, and steps to remediation:
+This page shows you all open vulnerabilities and allows you to filter them by attributes such as severity and source. Clicking on a specific vulnerability provides detailed information about its severity, sources, vulnerability status change logs, and many more.
 
 <img
   title="CVE Detail"
@@ -72,38 +72,52 @@ This page shows you all open vulnerabilities and allows you to filter them by at
   <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click a vulnerability.
 </figcaption>
 
-### Solve assigned vulnerabilities [#remediate-vulnerabilities]
+## Set up vulnerability alerts [#alerts-setup]
+
+Set up <InlinePopover type="alerts"/> through Slack or a Webhook to receive notifications when vulnerabilities of a set severity appear.
 
-Your security team or others may triage vulnerabilities and assign the remediation of individual vulnerabilities to you. To find vulnerabilities assigned to you, select <DNT>**Vulnerabilities assigned to me**</DNT> from the entity security summary page:
+On any vulnerability management screen, select <DNT>**Manage security notifications**</DNT>
 
 <img
-  title="Assigned vulnerabilities"
-  alt="Dashboard for the security entity overview page"
-  src="/images/vulnerabilities-assigned.webp"
+  title="Manage Security Notifications"
+  alt="Manage Security Notifications"
+  src="/images/security_screenshot-manage-notifications.webp"
 />
 
 <figcaption>
-  <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management**</DNT>, and click <DNT>**Vulnerabilities assigned to me**</DNT>.
+  <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click on Manage Security Notifications.
 </figcaption>
 
-This screen shows you all the vulnerabilities assigned to you. Select a vulnerability for detailed information about its impact and steps to remediation.
-
-## Set up vulnerability alerts [#alerts-setup]
+<img
+  title="Notification Rules"
+  alt="Notification Rules"
+  src="/images/security_screenshot-notification-rules.webp"
+/>
 
-Set up <InlinePopover type="alerts"/> through Slack or a Webhook to receive notifications when vulnerabilities of a set severity appear.
+<figcaption>
+  <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities > Manage Security Notifications**</DNT>.
+</figcaption>
 
 ### Set up a Slack alert [#slack-alerts]
 
-1. On any vulnerability management screen, select <DNT>**Manage security notifications**</DNT>
-2. Select <DNT>**Add a Slack**</DNT>.
-3. Under <DNT>**Slack settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>.
-4. Under <DNT>**Slack settings**</DNT>, select a channel to send your notifications to.
-5. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.
+1. Select <DNT>**Add a Slack**</DNT>.
+<img
+  title="Slack Rule"
+  alt="Slack Rule"
+  src="/images/security_screenshot-slack-rule.webp"
+/>
+2. Under <DNT>**Slack settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>.
+3. Under <DNT>**Slack settings**</DNT>, select a channel to send your notifications to.
+4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.
 
 ### Set up a webhook alert [#webhook-alerts]
 
-1. On any vulnerability management screen, select <DNT>**Manage security notifications**</DNT>.
-2. Select <DNT>**Add a Webhook**</DNT>.
-3. Under <DNT>**Webhook settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>. Learn more about creating a Webhook destination [here](/docs/alerts-applied-intelligence/notifications/notification-integrations/#webhook).
-4. Under <DNT>**Webhook settings**</DNT>, create a channel name.
-5. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.
+1. Select <DNT>**Add a Webhook**</DNT>.
+<img
+  title="Webhook Rule"
+  alt="Webhook Rule"
+  src="/images/security_screenshot-webhook-rule.webp"
+/>
+2. Under <DNT>**Webhook settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>. Learn more about creating a webhook destination [here](/docs/alerts-applied-intelligence/notifications/notification-integrations/#webhook).
+3. Under <DNT>**Webhook settings**</DNT>, create a channel name.
+4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.

src/content/docs/vulnerability-management/overview.mdx

@@ -24,7 +24,7 @@ Vulnerability Management provides a birds-eye view of all your software's vulner
 
 * Identify the most urgent vulnerabilities
 * Calculate the vulnerability surface area of your software
-* Triage and assign vulnerabilities to users with explicit remediation steps provided
+* Triage, prioritize, and remediate vulnerabilities with steps provided
 
 [Visit one.newrelic.com](https://one.newrelic.com/vulnerability-management) to get started today.
 
@@ -57,7 +57,6 @@ Our Vulnerability Management capability provides functionality for developers, s
 
     * Calculate the vulnerability surface area of your software systems
     * Understand how runtime architecture of each application affects business risk, vulnerability and severity
-    * Assign security tasks to individual developers
 
     <ButtonGroup>
       <ButtonLink

src/content/docs/vulnerability-management/security-workflow.mdx

@@ -8,7 +8,6 @@ This document covers how to:
 
 * Calculate the vulnerability surface area of our software systems
 * Understand how runtime architecture of each application affects business risk, vulnerability and severity
-* Assign security tasks to individual developers
 
 If this workflow doesn't sound like you, check out our document on [managing vulnerabilities as a developer](/docs/vulnerability-management/dev-workflow).
 
@@ -76,25 +75,58 @@ Dig deeper into the security of your system by auditing the vulnerability of all
       </DNT>
     </figcaption>
 
-    Clicking into a specific library provides a detailed view of that library including the number of services using the library, the number of services impacted by CVEs, and details about specific CVEs.
+    Upon clicking a library, it provides you with list of all library versions currently in use as well as a tab which displays all the vulnerabilties detected due to the library.
 
     <img
-      title="Vulnerability library details"
-      alt="Understand library details"
-      src="/images/vuln-library-detail.webp"
+      title="Vulnerability library versions"
+      alt="Understand library versions"
+      src="/images/security_screenshot-library-versions.webp"
     />
 
     <figcaption>
       <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Libraries**</DNT>, click a library
     </figcaption>
+
+    <img
+      title="Vulnerability library version vulnerabilities"
+      alt="Understand library version vulnerabilities"
+      src="/images/security_screenshot-detected-vuln-all-lib-versions.webp"
+    />
+
+    <figcaption>
+      <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Libraries**</DNT>, click on detected vulnerabilities
+    </figcaption>
+
+    Upon clicking a library version, it provides you with list of affected entities and vulnerabilties detected due to this library version.
+
+    <img
+      title="Vulnerability sepcific library version"
+      alt="Understand specific library version"
+      src="/images/security_screenshot-vm-affected-entities-specific-lib-version.webp"
+    />
+
+    <figcaption>
+      <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Libraries**</DNT>, click on specific library version
+    </figcaption>
+
+    <img
+      title="Vulnerability specific library version vulnerabilities"
+      alt="Understand specific library version vulnerabilities"
+      src="/images/security_screenshot-detected-vuln-specific-lib-version.webp"
+    />
+
+    <figcaption>
+      <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Libraries**</DNT>, click on detected vulnerabilities
+    </figcaption>
+
   </Collapser>
 
   <Collapser
     className="freq-link"
     id="vuln"
-    title="Manage, assign, and respond to specific vulnerabilities"
+    title="Manage specific vulnerabilities"
   >
-    From the Vulnerability Management <DNT>**Summary**</DNT> page, select <DNT>**Vulnerabilities**</DNT> to review all the vulnerabilities in your software system. This view shows every vulnerability, their source, number of impacted entities, and when they were first and last seen.
+    From the <DNT>**Vulnerability Management Summary**</DNT> page, select <DNT>**Vulnerabilities**</DNT> to review all the vulnerabilities in your software system. This view shows every vulnerability, priority rank, reason for prioritizing it, number of entities affected, detected by and much more.
 
     This view is especially useful when responding to a specific vulnerability found in specific versions of libraries. Instead of reviewing each service to see if it's impacted, this view condenses info based on vulnerability instead of entity or library.
 
@@ -111,17 +143,5 @@ Dig deeper into the security of your system by auditing the vulnerability of all
         **[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Vulnerabilities**
       </DNT>
     </figcaption>
-
-    Once you've identified the entities impacted by a specific vulnerability, you can assign the remediation of that vulnerability in a specific entity to a user. This helps you organize large scale remediation between multiple teams and ownership structures.
-
-    <img
-      title="Vulnerability assignment"
-      alt="An image showing the vulnerability assignment workflow."
-      src="/images/vuln-assign.webp"
-    />
-
-    <figcaption>
-      <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Vulnerability Management > Vulnerabilities**</DNT>, click a vulnerability to assign it.
-    </figcaption>
   </Collapser>
 </CollapserGroup>

src/content/docs/vulnerability-management/understanding-prioritization.mdx

@@ -23,7 +23,7 @@ This document covers:
   </DNT>
 </figcaption>
 
-The priority ranking is based on all known data about a vulnerability. The **Reason to prioritize** column is a summary and weighting of key CVSS (Common Vulnerability Scoring System), EPSS (Exploit Prediction Scoring System), IAST confirmed findings, and known active ransomware data.
+The priority ranking is based on all known data about a vulnerability. The **Reason to prioritize** column is a summary and weighting of key CVSS (Common Vulnerability Scoring System), EPSS (Exploit Prediction Scoring System) and known active ransomware data.
 
 ## Data influencing priority rank
 
@@ -173,14 +173,6 @@ The priority ranking is based on all known data about a vulnerability. The **Rea
       </tbody>
     </table>
   </Collapser>
-
-  <Collapser
-    className="freq-link"
-    id="iast-confirmed"
-    title="IAST confirmed data"
-  >
-    **IAST confirmed** are vulnerabilities found in your custom code that are confirmed to actually be exploitable even if threat actors may not be aware of the exploit.
-  </Collapser>
 </CollapserGroup>
 
 ### Example of ranking logic