LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Risk
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Technology
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Reports
    • Compliance
    • Projects
      • Penetration Testing
      • Other Projects
    • Events
      • Event Rules
      • Event Types
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page
  • Workflow
  • Assignment
  • Acknowledgements & False Positives

Was this helpful?

  1. Platform
  2. Issues

Vulnerability Management

How to manage vulnerabilities that have been discovered.

PreviousIssuesNextIssue Settings

Last updated 3 months ago

Was this helpful?

Workflow

We have a 4 step process that helps establish a workflow for managing and remediating any issues that might be discovered. Those steps are:

  • New: This is the default status for a newly discovered issue.

  • Investigating: Set the issue's status to Investigating when you are researching it.

  • Confirmed: After an issue has been investigated and found to be a legitimate finding, it is confirmed.

  • Fixing: Finally, when an issue is being remediated, set it to Fixing.

We recommend that you investigate new issues as they are discovered. Most findings contain easy-to-use commands which can be helpful for verification. After confirming them, it’s time to decide what risk the finding poses to your organization. Use the risk rating to prioritize which vulnerabilities should be fixed first. High-severity issues, such as those rated 4-5, should be fixed as soon as possible. Once an issue has been fixed, you will see it disappear and your risk rating adjusted accordingly after the next scan verifies it no longer exists.

Assignment

Assignment allows you to tag members of your team to manage different parts of the issue workflow. To assign an issue, simply click the "Workflow" field and choose the team member from the "Assigned To" dropdown.

If there are any specific notes you'd like to leave, you can save those as well in the Notes area.

Acknowledgements & False Positives

After investigating an issue, you may discover that it poses an acceptable risk. These kinds of issues are typically low risk and are not feasible to remediate or may break existing functionality. On rare occasions, we may also discover that the issue was a false positive. In both situations, we can remove this issue from being flagged during future scans and affecting your risk score rating by setting an Acknowledgement and selecting the reason we have acknowledged it.

Acknowledged Issues, Hosts, and Elements that have not been detected for 120 days are automatically deleted from the system.

To view previous issues, hosts, and apps that have been acknowledged. Visit the page.

Acknowledgements