Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The View Original Report link on the left center section can be used to view the original vulnerability report that was used to create the case.

Original reportImage Modified

Vendor Status

...

For any case, a Vendor Statement can be provided:

Vendor statusImage Modified

Vendor status approval

Once submitted, the CERT/CC will review the vendor status information before it is added to any case.

Image Modified

Case Discussion

For any case that you are involved in, you can view and add to the discussion regarding it. The parties on the right side of the screen will all see the discussion and future parties added to the case will see past discussion. In the example below, the parties involved in the discussion include the CERT/CC (the coordinator), Madison Oliver (the reporter), and XYZ Company (the vendor).

Case discussionImage Modified

Private Message CERT/CC

...

Pressing this button will give you a page where you can send a direct message to the CERT/CC.

Image Modified

View Draft Vulnerability Note

The View the draft vulnerability note link on the right center section can be used to preview what the vulnerability note will look like when it is published.

Image Modified

My Contact Info

VINCE My Contact Info is where you can edit details about your contact information.

Image Modified

Edit Contact Info

Press Edit My Contact Info to enter or modify contact information for your account.

Image Modified

Here a user can edit the following pieces of information for their account:

...

VINCE User Management can be used to manage the members of a vendor's contact list. If your account has not been determined to be the group administrator for the vendor you are associated with, you will not be able to perform any actions here. If you are the individual who should have administrative access over the vendor's user management, click the contact CERT/CC link to send a message to request this access.

Image Modified

Administrative User Management

If your administrator access level has been approved, you will see a screen similar to this:

Image Modified

Adding users

By clicking the Invite User button, a group administrator can invite new users to use VINCE as part of the vendor that is being managed, which is XYZ Company in this case.

Image Modified

My Vulnerability Reports

For most vendors using VINCE, the My Vulnerability Reports part of VINCE will not be used. This part of VINCE is used for vulnerabilities reported using your VINCE account. In other words, if you haven't reported a vulnerability using VINCE, then you should expect this part of VINCE to look like this:

Image Modified

Report a Vulnerability

If you have a vulnerability to report to the CERT/CC, you can use the Report a Vulnerability link.

Image Modified