Something I feel would be useful with the whole AI interest that is happening at present: how about having AI look at CVEs and then do a true review of them?
At present the CVE alert within NCM looks at the IOS version that is running on a node; it doesn't take into account the commands that need to be enabled for the vulnerability to be viable. You don't see this information until you check on the vendor's pages.
So what the AI should look at is the CVE, check the IOS version and if any commands are enabled; if this condition is true then it gets flagged as At Risk. If the device is only running the IOS where the vulnerability is, then it should be flagged as Potentially at Risk. This should be shown on the node sheet somehow and can be reported on.
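
The two-tier flagging requested above, sketched as an added example (not part of the original post and not NCM's own logic). The advisory record, its placeholder id, the version strings and the config excerpts are all constructed; `classify` and `active_commands` are hypothetical names.

```python
# Constructed advisory record (placeholder id, not a real CVE). "requires" lists
# the config commands that must be enabled for the flaw to be reachable.
ADVISORY = {
    "id": "CVE-XXXX-NNNNN",
    "affected_versions": {"15.2(4)E1", "15.2(4)E2"},  # constructed sample values
    "requires": ["ip http server", "ip http secure-server"],
}

# Constructed running-config excerpts for two hypothetical nodes.
CONFIG_HTTP_ON = "hostname sw1\n!\nip http server\nip http secure-server\n"
CONFIG_HTTP_OFF = "hostname sw2\n!\nno ip http server\nno ip http secure-server\n"


def active_commands(running_config):
    """Return normalized config lines that are enabled, skipping '!' and 'no ...' lines."""
    active = set()
    for raw in running_config.splitlines():
        line = " ".join(raw.split())  # collapse indentation and repeated spaces
        if not line or line.startswith("!") or line.startswith("no "):
            continue  # a negated command must not count as the command being on
        active.add(line)
    return active


def classify(advisory, ios_version, running_config):
    """Version match alone gives 'Potentially at Risk'; version plus any required
    command enabled gives 'At Risk'; no version match gives 'Not Affected'."""
    if ios_version not in advisory["affected_versions"]:
        return "Not Affected"
    if running_config is None:  # config not collected, only the version is known
        return "Potentially at Risk"
    enabled = active_commands(running_config)
    for cmd in advisory["requires"]:
        # match the command itself or the command followed by arguments
        if any(e == cmd or e.startswith(cmd + " ") for e in enabled):
            return "At Risk"
    return "Potentially at Risk"


if __name__ == "__main__":
    for name, ver, cfg in [("sw1", "15.2(4)E1", CONFIG_HTTP_ON),
                           ("sw2", "15.2(4)E1", CONFIG_HTTP_OFF),
                           ("sw3", "16.9.1", CONFIG_HTTP_ON)]:
        print(name, ADVISORY["id"], classify(ADVISORY, ver, cfg))
```

Matching whole normalized lines rather than substrings is what keeps `no ip http server` from being counted as the feature being enabled.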