Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

draft for infra VM #19447

Draft
wants to merge 5 commits into
base: develop
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 5 additions & 53 deletions src/content/docs/vulnerability-management/dev-workflow.mdx
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
title: Manage vulnerabilities as a developer
title: Manage vulnerabilities for your application
metaDescription: Use Vulnerability Management to maintain a healthy application and remediate vulnerabilities as a developer.
freshnessValidatedDate: never
---
Expand All @@ -19,9 +19,10 @@

## Maintain the vulnerability health of your application


Once vulnerability data starts flowing into New Relic, you can access your data through various scoped views.

To monitor the health of specific applications or services, use our entity scoped view by navigating to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management**</DNT>. For a larger scope, see our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).
To monitor the health of specific applications or services, use our entity scoped view by navigating to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Security > Summary**</DNT>. For a larger scope, see our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).

Check notice on line 25 in src/content/docs/vulnerability-management/dev-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/dev-workflow.mdx#L25

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.", "location": {"path": "src/content/docs/vulnerability-management/dev-workflow.mdx", "range": {"start": {"line": 25, "column": 4}}}, "severity": "INFO"}

<img
title="Entity overview"
Expand All @@ -31,7 +32,7 @@

<figcaption>
<DNT>
**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management**
**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Security > Summary**
</DNT>
</figcaption>

Expand All @@ -46,7 +47,7 @@

## Triage, prioritize, and remediate vulnerabilities [#prioritize]

To view all vulnerabilities open for your service or application, select the <DNT>**Vulnerabilities**</DNT> tab from the entity security overview page:
To view all vulnerabilities open for your service or application, in the left navigation pane, under **Security** section, select <DNT>**Vulnerabilities**</DNT>.:

<img
title="Vulnerability library"
Expand All @@ -72,52 +73,3 @@
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click a vulnerability.
</figcaption>

## Set up vulnerability alerts [#alerts-setup]

Set up <InlinePopover type="alerts"/> through Slack or a Webhook to receive notifications when vulnerabilities of a set severity appear.

On any vulnerability management screen, select <DNT>**Manage security notifications**</DNT>

<img
title="Manage Security Notifications"
alt="Manage Security Notifications"
src="/images/security_screenshot-manage-notifications.webp"
/>

<figcaption>
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click on Manage Security Notifications.
</figcaption>

<img
title="Notification Rules"
alt="Notification Rules"
src="/images/security_screenshot-notification-rules.webp"
/>

<figcaption>
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities > Manage Security Notifications**</DNT>.
</figcaption>

### Set up a Slack alert [#slack-alerts]

1. Select <DNT>**Add a Slack**</DNT>.
<img
title="Slack Rule"
alt="Slack Rule"
src="/images/security_screenshot-slack-rule.webp"
/>
2. Under <DNT>**Slack settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>.
3. Under <DNT>**Slack settings**</DNT>, select a channel to send your notifications to.
4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.

### Set up a webhook alert [#webhook-alerts]

1. Select <DNT>**Add a Webhook**</DNT>.
<img
title="Webhook Rule"
alt="Webhook Rule"
src="/images/security_screenshot-webhook-rule.webp"
/>
2. Under <DNT>**Webhook settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>. Learn more about creating a webhook destination [here](/docs/alerts-applied-intelligence/notifications/notification-integrations/#webhook).
3. Under <DNT>**Webhook settings**</DNT>, create a channel name.
4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.
83 changes: 83 additions & 0 deletions src/content/docs/vulnerability-management/infra-workflow.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
---
title: Manage vulnerabilities for your infrastructure
metaDescription: Use Vulnerability Management to maintain a healthy application and remediate vulnerabilities as a developer.
freshnessValidatedDate: never
---

This document covers how to:

* Maintain a single or a few healthy applications/services

Check notice on line 9 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L9

[new-relic.ComplexWords] Consider using 'keep' or 'support' instead of 'Maintain'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'keep' or 'support' instead of 'Maintain'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 9, "column": 3}}}, "severity": "INFO"}
* Identify the most urgent vulnerabilities in your software stack
* Understand the severity of vulnerabilities
* Surface tasks from your security team in your daily workflow so it's easy to deliver more secure software with less toil.

If this workflow doesn't sound like you, check out our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).

## Prerequisites [#prereqs]

Vulnerability data sent through [one of our integrations](/docs/vulnerability-management/integrations/overview).



## Maintain the vulnerability health of your infrastructure

Check notice on line 22 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L22

[new-relic.ComplexWords] Consider using 'keep' or 'support' instead of 'Maintain'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'keep' or 'support' instead of 'Maintain'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 22, "column": 4}}}, "severity": "INFO"}

Once vulnerability data starts flowing into New Relic, you can access your data through various scoped views.

To monitor the health of specific applications or services, use our entity scoped view by navigating to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > (select an entity) > Security > Summary**</DNT>. For a larger scope, see our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).

Check notice on line 26 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L26

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 26, "column": 4}}}, "severity": "INFO"}

<img
title="Entity overview"
alt="Dashboard for the security entity overview page"
src="/images/security_screenshot-entity_security-overview.webp"
/>

<figcaption>
<DNT>
**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > (select an entity) > Security > Summary**
</DNT>
</figcaption>

The security summary page for an entity gives you a high level overview of the security of your application or service. Curated dashboards provide you an overall security of your application or service, including:

Check notice on line 40 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L40

[new-relic.ComplexWords] Consider using 'give' or 'offer' instead of 'provide'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'give' or 'offer' instead of 'provide'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 40, "column": 140}}}, "severity": "INFO"}

* Total vulnerabitities
* Package vulnerabitities
* Misconfigurations
* Vulnerability exposure window
* Top 5 vulnerabitites in accordance with the priority rankings
* Vulnerability breakdown by type
* Package severity breakdown
* Top package upgrades

To monitor the health of your infrastructure, use our entity scoped view by navigating to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > (select an entity) > Security> Summary**</DNT>. For a larger scope, see our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).

Check notice on line 51 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L51

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 51, "column": 4}}}, "severity": "INFO"}

## Triage, prioritize, and remediate vulnerabilities [#prioritize]

Check notice on line 53 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L53

[new-relic.ComplexWords] Consider using 'rank' instead of 'prioritize'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'rank' instead of 'prioritize'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 53, "column": 12}}}, "severity": "INFO"}

Check notice on line 53 in src/content/docs/vulnerability-management/infra-workflow.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/infra-workflow.mdx#L53

[new-relic.ComplexWords] Consider using 'rank' instead of 'prioritize'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'rank' instead of 'prioritize'.", "location": {"path": "src/content/docs/vulnerability-management/infra-workflow.mdx", "range": {"start": {"line": 53, "column": 56}}}, "severity": "INFO"}

To view all vulnerabilities open for your infrastructure, in the left navigation pane, under **Security** section, select the <DNT>**Vulnerabilities**</DNT>.:

**Insert image**

{/* <img
title="Vulnerability library"
alt="Dashboard for the entity specific vulnerability library"
src="/images/vulnLibrary.webp"
/>

<figcaption>
<DNT>
**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**
</DNT>
</figcaption> */}

This page shows you all open vulnerabilities and allows you to filter them by attributes such as severity and source. Clicking on a specific vulnerability provides detailed information about its severity, sources, vulnerability status change logs, and many more.

<img
title="CVE Detail"
alt="Details for a CVE"
src="/images/cve-detail.webp"
/>

<figcaption>
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click a vulnerability.
</figcaption>


73 changes: 42 additions & 31 deletions src/content/docs/vulnerability-management/overview.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,10 @@
freshnessValidatedDate: never
---

Overcome security blindspots with the New Relic Vulnerability Management capability. Modern software is composed of thousands of components, and legacy security offerings don’t give security teams or individual developers the necessary insight to monitor and remediate vulnerabilities these components introduce.
Modern software is composed of thousands of components, and legacy security offerings don’t give security teams or individual developers the necessary insight to monitor and remediate vulnerabilities these components introduce.

Check notice on line 9 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L9

[Microsoft.SentenceLength] Try to keep sentences short (< 30 words).
Raw output
{"message": "[Microsoft.SentenceLength] Try to keep sentences short (\u003c 30 words).", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 9, "column": 1}}}, "severity": "INFO"}

Check notice on line 9 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L9

[Microsoft.Passive] 'is composed' looks like passive voice.
Raw output
{"message": "[Microsoft.Passive] 'is composed' looks like passive voice.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 9, "column": 17}}}, "severity": "INFO"}

Check notice on line 9 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L9

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 9, "column": 163}}}, "severity": "INFO"}
With New Relic Vulnerability Management capability, your team’s engineers from DevOps, SREs, Infosec, and other teams can work together, share security information, identify vulnerabilities, and address risks at every stage of SDLC.

Check notice on line 10 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L10

[Microsoft.SentenceLength] Try to keep sentences short (< 30 words).
Raw output
{"message": "[Microsoft.SentenceLength] Try to keep sentences short (\u003c 30 words).", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 10, "column": 1}}}, "severity": "INFO"}
Security, thus becomes a teamsport and not the job of only one team.
{/* Overcome security blindspots with the New Relic Vulnerability Management capability. Modern software is composed of thousands of components, and legacy security offerings don’t give security teams or individual developers the necessary insight to monitor and remediate vulnerabilities these components introduce. */}

Check notice on line 12 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L12

[Microsoft.Passive] 'is composed' looks like passive voice.
Raw output
{"message": "[Microsoft.Passive] 'is composed' looks like passive voice.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 12, "column": 106}}}, "severity": "INFO"}

Check notice on line 12 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L12

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'monitor'.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 12, "column": 252}}}, "severity": "INFO"}

<img
title="Vulnerability Management overview"
Expand All @@ -20,19 +23,21 @@
</DNT>
</figcaption>

Vulnerability Management provides a birds-eye view of all your software's vulnerabilities so you can:
With New Relic Vulnerability Management, you get:

* Identify the most urgent vulnerabilities
* Calculate the vulnerability surface area of your software
* Triage, prioritize, and remediate vulnerabilities with steps provided
* Birds-eye view of overall vulnerabilities - including the ones that are detected by New Relic platform and our integration partners such as FOSSA, AWS Security hub, Trivy, Snyk, Github Dependabot and others.

Check notice on line 28 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L28

[Microsoft.Passive] 'are detected' looks like passive voice.
Raw output
{"message": "[Microsoft.Passive] 'are detected' looks like passive voice.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 28, "column": 71}}}, "severity": "INFO"}
* Run time visibility of vulnerabilities that your applications or Infrastructure may experience (thus you can validate if a security patch has been deployed successfully!)

Check notice on line 29 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L29

[Microsoft.Passive] 'been deployed' looks like passive voice.
Raw output
{"message": "[Microsoft.Passive] 'been deployed' looks like passive voice.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 29, "column": 145}}}, "severity": "INFO"}
* Prioritisation feature helps you address the vulnerabilities that are urgent or matter the most.
* Triaging and remediation support.

Thus, you can overcome security blindspots across your entire software application and its associated infrastructure without reducing your team’s efficiency and without getting overwhelmed by the thousands and thousands of vulnerabilities that your teams may encounter.

Check notice on line 33 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L33

[Microsoft.SentenceLength] Try to keep sentences short (< 30 words).
Raw output
{"message": "[Microsoft.SentenceLength] Try to keep sentences short (\u003c 30 words).", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 33, "column": 1}}}, "severity": "INFO"}

Check notice on line 33 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L33

[new-relic.ComplexWords] Consider using 'meet' instead of 'encounter'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'meet' instead of 'encounter'.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 33, "column": 260}}}, "severity": "INFO"}

[Visit one.newrelic.com](https://one.newrelic.com/vulnerability-management) to get started today.

## View security insight for developers, security teams, and architects

Our Vulnerability Management capability provides functionality for developers, security teams, security engineers, and architects:
{/* Our Vulnerability Management capability provides functionality for developers, security teams, security engineers, and architects: */}

<SideBySide>
{/* <SideBySide>
<Side>
### I want to:

Expand Down Expand Up @@ -68,36 +73,42 @@
</ButtonLink>
</ButtonGroup>
</Side>
</SideBySide>

## Monitor your vulnerabilities now

To get started:
</SideBySide> */}

1. Create a New Relic account to [start monitoring and remediating your vulnerabilities](https://one.newrelic.com/vulnerability-management).
2. Start [sending vulnerability data from our APM agents or third-party assessment tools](/docs/vulnerability-management/integrations/intro) or one of our agents.
## View security insights for developers, security teams, and architects

## Requirements
<Tabs>
<TabsBar>
<TabsBarItem id="developer-insights">Insights for developers</TabsBarItem>
<TabsBarItem id="security-dev-insights">Insights for security teams or engineers</TabsBarItem>
</TabsBar>

* Vulnerability Management is available to full platform users.
* Vulnerability Management required 'read' permissions for the ['vulnerabilities' capability](/docs/accounts/accounts-billing/new-relic-one-user-management/user-permissions/#security)
<TabsPages>
<TabsPageItem id="developer-insights">
As a developer, you want to:

To report vulnerability data using an APM agent, [ensure it supports vulnerability reporting](/docs/vulnerability-management/integrations/intro/#apm-agents).
* Maintain a healthy application
* Identify the most urgent vulnerabilities in my software portfolio
* Understand the severity of vulnerabilities
* Surface "security" tasks from my security team in my daily workflow so it's easy to deliver more secure software with less toil

See our [pricing docs](/docs/licenses/license-information/usage-plans/new-relic-one-usage-plan-descriptions/#list-price) for more information on Vulnerability Management pricing.
To dive deeper into these use cases, see [Manage vulnerabilities as a developer](/docs/vulnerability-management/dev-workflow/).
</TabsPageItem>
<TabsPageItem id="security-dev-insights">
As a member of a security team, you want to:

## User roles in Vulnerability Management
* Calculate the vulnerability surface area of my software systems
* Understand how runtime architecture of each application affects business risk, vulnerability, and severity

Capabilities used by Vulnerability Management:
To dive deeper into these use cases, see [Manage vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).
</TabsPageItem>
</TabsPages>
</Tabs>

* [Security - Vulnerabilities](/docs/accounts/accounts-billing/new-relic-one-user-management/user-permissions/#security) capability refers to the ability to view and manage vulnerabilities detected in entities.
* [Applied Intelligence - Channels](/docs/accounts/accounts-billing/new-relic-one-user-management/user-permissions/#applied-intelligence) capability is required to create new outbound alerts based on vulnerabilities detected.
* [Applied Intelligence - Destinations](/docs/accounts/accounts-billing/new-relic-one-user-management/user-permissions/#applied-intelligence) capability is required to create new outbound alerts based on vulnerabilities detected.
{/* ## Monitor your vulnerabilities now

Check notice on line 108 in src/content/docs/vulnerability-management/overview.mdx

View workflow job for this annotation

GitHub Actions / vale

[vale] src/content/docs/vulnerability-management/overview.mdx#L108

[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'Monitor'.
Raw output
{"message": "[new-relic.ComplexWords] Consider using 'check' or 'watch' instead of 'Monitor'.", "location": {"path": "src/content/docs/vulnerability-management/overview.mdx", "range": {"start": {"line": 108, "column": 8}}}, "severity": "INFO"}

### Removing user access to Vulnerability Management

Users with the ability to create/adjust roles within their organization can modify who has access to Vulnerability Management. You can remove access to Vulnerability Management by creating a custom role that does not have 'read' permissions for the 'vulnerabilities' capability. You must then apply this custom role to the users that you wish to restrict.

### Granting access to Vulnerability Management
To get started:

Review the current custom roles created for your organizations. Add 'read' permissions for the 'vulnerabilities' capability to grant access to view Vulnerability Management. Standard roles are automatically be granted this capability but custom roles need to have 'read' permissions granted.
1. Create a New Relic account to [start monitoring and remediating your vulnerabilities](https://one.newrelic.com/vulnerability-management).
2. Start [sending vulnerability data from our APM agents or third-party assessment tools](/docs/vulnerability-management/integrations/intro) or one of our agents.
*/}
54 changes: 54 additions & 0 deletions src/content/docs/vulnerability-management/set-up-alerts.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
---
title: Set up vulnerability alerts
metaDescription: Set up alerts through Slack or a Webhook to receive notifications when vulnerabilities of a set severity appear.
freshnessValidatedDate: never
---


Set up <InlinePopover type="alerts"/> through Slack or a Webhook to receive notifications when vulnerabilities of a set severity appear.

On any vulnerability management screen, select <DNT>**Manage security notifications**</DNT>

<img
title="Manage Security Notifications"
alt="Manage Security Notifications"
src="/images/security_screenshot-manage-notifications.webp"
/>

<figcaption>
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities**</DNT>, click on Manage Security Notifications.
</figcaption>

<img
title="Notification Rules"
alt="Notification Rules"
src="/images/security_screenshot-notification-rules.webp"
/>

<figcaption>
<DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Triage > Vulnerability Management > Vulnerabilities > Manage Security Notifications**</DNT>.
</figcaption>

### Set up a Slack alert [#slack-alerts]

1. Select <DNT>**Add a Slack**</DNT>.
<img
title="Slack Rule"
alt="Slack Rule"
src="/images/security_screenshot-slack-rule.webp"
/>
2. Under <DNT>**Slack settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>.
3. Under <DNT>**Slack settings**</DNT>, select a channel to send your notifications to.
4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.

### Set up a webhook alert [#webhook-alerts]

1. Select <DNT>**Add a Webhook**</DNT>.
<img
title="Webhook Rule"
alt="Webhook Rule"
src="/images/security_screenshot-webhook-rule.webp"
/>
2. Under <DNT>**Webhook settings**</DNT>, select a destination or create one by clicking <Icon name="fe-plus-circle"/>. Learn more about creating a webhook destination [here](/docs/alerts-applied-intelligence/notifications/notification-integrations/#webhook).
3. Under <DNT>**Webhook settings**</DNT>, create a channel name.
4. Under <DNT>**Notification rules**</DNT>, configure rules to receive notifications for vulnerabilities of different severity levels.
Loading
Loading