Run the Vulnerabilities to CCIs Report

This report can search for a vulnerabilities and show Control Correlation Identifier (CCI)s for that vulnerability within your system package quickly. This can help you find all corresponding vulnerabilities quickly, answer data calls, track to 1 or more CCIs, and look for possible zero-day affected servers in a very quick manner.

OpenRMF Professional Vulnerabilities to CCIs Report

Where the Data Comes From

This data comes from all active checklists in your system package (i.e. you have not deleted them). Each checklist has a list of multiple vulnerabilities and their status as well as Category or Severity. And that data has 1 or more CCIs that it aligns to also saved. That data is pulled from your checklists and put into the reporting database by vulnerability so reports like this can come back quickly and easily. As vulnerabilities are updated, they are versioned in the checklist database and the final data is parsed and updated in the vulnerability report database.

Why Run this Report

If there is a particular CCI you are searching for within your system package to know its status and server/device, this is your report. Or to let you compare CCIs to Vulnerabilities and know if there is more than one CCI linking this vulnerability to controls and subcontrols. This report lets you answer those questions quickly and with 100% confidence.