Managing Vulnerability Alerts

Manifest scans SBOMs daily and checks them against several vulnerability databases to identify potential security risks. Users can configure email alerts to be notified with a daily readout of new issues detected. Alerts are customizable based on the types of risks each user needs to monitor, allowing teams to stay focused on the most relevant threats to their environment.

Setting Up Daily Email Alerts

1. Go to Settings then select the Vulnerability Alerts tab.

2. Toggle "Daily Alerts" to ON, and select from any of the following criteria:

   1. On CISA KEV list
   2. Manifest recommended action: Mitigate, Monitor, Accept
   3. Minimum severity (CVSS) score
   4. Minimum exploitability (EPSS Percentile*)

3. Enter the emails that should be receiving these alerts.

4. Click Save.