# Managing vulnerabilities

You can manage your organization's vulnerabilities by engagement or by global findings.

# Managing vulnerabilities by engagement

Your organization may have more than one engagement in progress with unique teams working on each.

Use the following steps to manage vulnerabilities (findings) by engagement.

1. From the side menu, select PTaaS -> Engagements to display the Engagements table.

2. Select an engagement (use the filter to narrow down your selection if needed) to display the Engagement details page.

3. From the Engagement details page, select the Findings tab to display the Findings table for that engagement.

4. Select each finding to display its Finding details page, where you can review the overview information, attack path, assign to security analysts for remediation, etc.

# Managing vulnerabilities by global findings

Your organization may prefer to manage vulnerabilities by working with all of the findings discovered by NetSPI, no matter which engagement they are associated with.

Use the following steps to manage vulnerabilities (findings) from the global Findings table.

1. From the top menu, select Findings to display the Findings table.

2. Select the Filter icon and add filter criteria to narrow the findings displayed in the Findings table to those of highest importance to you.

The following filters may be especially helpful:

• Asset Owner: A new field is added upon new asset creation and is also visible on the Asset table (Inventory -> Assets).
• SLA Remediation Date
• Ticket Number
• Remediation Owner: The Finding table's Assign To field is populated with this field's value.
• Security Owner: This field can be manually populated from the Finding details page, similar to the Assigned To field.
• Reviewer: This field can be manually populated from the Finding details page, similar to the Assigned To field.
• First Discovered Date
• Last Discovered Date