Creating Asset Groups is a great way to organize assets based on certain criteria that you define. It is common to organize assets into groups based on operating system, device type, or asset location. NopSec's integrations with scanning services like Qualys or Rapid7 enable users to pull Asset Groups and Tags from the scanner into the Unified VRM. However, UVRM users also have the ability to create their own Asset Groups within the UVRM platform. This is helpful when you want to view vulnerability information for a subset of assets, like assets that were part of a recent ad-hoc emergency vulnerability scan.
Here are the steps to create an Asset Group and view the vulnerability data for the assets in that group in UVRM:
Step 1) From the Asset Groups page, click 'Create New Group'.
Step 2) Enter the name of the Asset Group and click 'Create'.
Step 3) With your newly created Asset Group selected in the dropdown menu, search for the assets that you want to add to the Asset Group. You can search by IP, CIDR, DNS, or Netbios name. Select the IP from the dropdown menu and click 'Add Asset to Group'.
Step 4) From the Infrastructure Vulns page, find your new Asset Group. To view the critical vulnerabilities for this Asset Group, click on the number hyperlink in the 'Critical Vulns' column. NOTE: if you don't see your new Asset Group, refresh the page and the group will appear in the list.
Step 5) While you are viewing the vulnerabilities in your Asset Group, you can download a CSV of the vulnerabilities.