Vulnerability Settings
Control how DashX scans for and enriches vulnerabilities across your fleet.
Configure
- Go to Settings → Monitoring & Alerts → Vulnerability.
- Set the scanning behavior:
- Enable vulnerability scanning and set its cadence.
- CISA KEV — flag actively‑exploited CVEs (a free feed, on by default).
- AI CPE resolver — let the AI Provider resolve product‑to‑CVE matches when NVD's CPE data misses (off by default; enable to catch more).
- NVD source — the vulnerability data source (and any API key for higher rate limits).
- Save.
Results appear under Vulnerabilities and on each device's Vulnerabilities tab.
tip
Leave KEV on always — it's free and it's the difference between "3,000 CVEs" and "the 6 that are actually being exploited." Enable the AI CPE resolver if you find real installed software isn't matching known CVEs.