1.866.392.4897  | sales@timesys.com   English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)
Powered by Google TranslateTranslate

Vigiles Prime Tutorial: Part 3 – Advanced Collaboration, Management, and Cybersecurity Compliance Assistance

Making Vigiles Work For You

Overview

This page will walk you through Vigiles’ advanced collaboration features. By the end of this walk-through, you should be able to share your products, reports, notes and whitelists with other members of your team. And you’ll be able to export reports and compare reports to see what’s changed over time, assisting you with industry cybersecurity standards and regulations compliance.

Collaboration

Getting on the same team and managing the team settings

To collaborate on CVE management and remediation for a product, Vigiles Users need to be on the same team.

Once Timesys has set up the default team account, users can manage the teams themselves by using the instructions provided at https://linuxlink.timesys.com/docs/account_and_member_administration.

Use Products to organize your manifests and enable collaboration

To enable collaboration with other members of your team, you’ll need to create a “Product.” If you have more than one product that you want to share with other members of your team, then you’ll need to create multiple “Products.”

Once you’ve set up a Product, you can simply upload your SBOMs/manifests to it. Or you can create “Folders” in each Product and upload your SBOMs/manifests to the Folders. Folders can be nested, so this will enable you to more easily organize and separate manifests within the same product.

Note: When your Vigiles account is first set up, by default you’re given a private workspace. However, you can’t share manifests or reports from within your private workspace.

Sharing products

Sharing a product with other team members allows them to view the product and any manifests associated with it. This makes it easier for team members to contribute to CVE management and remediation by uploading manifests, entering notes, whitelisting CVEs, etc.

Sharing reports for key manifest

Sharing reports is just one of multiple ways you can collaborate CVE management and remediation. You can export CVE reports in CSV, XLS and PDF (Summary and Full) formats and share them with non-Vigiles users.

You can also share a view-only version of the latest CVE report. This is particularly useful for sharing a report with others who are not on your team.

Notes and whitelists

Use the Notes feature to document your triage decisions (which might be a necessary step, depending on your regulatory requirements). When you or any member of your team adds notes to a manifest, the notes show up within all manifests in that product.

Use the Whitelist feature to ignore the CVEs that don’t apply to your product — so you can more efficiently focus on the unfixed CVEs that are relevant to your product. Just like the Notes feature, Whitelists remain/show up within all manifests in that product. And you can import your Whitelists into other products.

Using the Notes Feature

Using the Whiltelist Feature

Streamline compliance with industry security standards and regulations

If your product requires compliance with regulatory and government security requirements such as US FDA Guidance, EU Cybersecurity, IEC 62304, SCADA and other security specifications, Vigiles can help you. Comparing reports and viewing report history enables you to more efficiently manage cybersecurity vulnerabilities affecting your product throughout its product lifecycle.

View manifest history

To see a historical view of previously generated reports and track how threats in your build have changed over time, you can use the View Report History feature.

Compare reports to see what’s changed

If you want to view reports for changes from build to build — so you can see which CVEs are newly introduced and which have been addressed by going from the old manifest to the new one — you can use the “Compare Manifests” feature. This is particularly useful when generating release notes for a product that might be required for compliance.

IN CASE YOU MISSED IT:
Triaging, Remediating and How to Get the Outcome You Want

If you haven’t viewed Part 2 of your Vigiles Prime walk-through, you can catch up what you’ve missed at https://www.timesys.com/part2-vigiles-triaging-remediating/.

Need help sharing a report or seeing what’s changed since your last scan?

Do you have questions about any of Vigiles’ advanced features or want to see a demo of specific features?

Fill out the form to schedule a complimentary 30-minute Vigiles Quick Start consultation. We’ll be happy to help answer your questions.

* Denotes required field.

Additional Resources