How to manage vulnerabilities that have been discovered.
We have a 4 step process that is helpful to establishing a workflow for managing and remediating any issues that might be discovered. Those steps are:
- New: This is the default status for a newly discovered issue.
- Investigating: Set the issues status to Investigating when you are researching it.
- Confirmed: After an issue has been investigated and found to be a legitimate finding, it is confirmed.
- Fixing: Finally when an issue is being remediated, set it to Fixing.
We recommend that you investigate new issues as they are discovered. Most findings contain easy to use commands which can be helpful for verification. After confirming them, it’s time to decide what risk the finding poses to your organization. Use the risk rating to prioritize which vulnerabilities should be fixed first. High severity issues, such as those rated 4-5, should be fixed as soon as possible. Once an issue has been fixed, you will see it disappear and your risk rating adjusted accordingly after the next scan verifies it no longer exists.
Assignment allows you to tag members of your team to manage different parts of the issue workflow. To assign an issue, simply click the "Workflow" field and choose the team member from the "Assigned To" dropdown.
If there are any specific notes you'd like to leave, you can save those as well in the Notes area.
After investigating an issue, you may discover that it poses an acceptable risk. These kinds of issues are typically low risk and are not feasible to remediate or may break existing functionality. On rare occasions, we may also discover that the issue was a false positive. In both situations we can remove this issue from being flagged during future scans and affecting your risk score rating by setting an Acknowledgement and selecting the reason we have acknowledged it.
Acknowledged Issues, Hosts, and Elements that have not been detected for 120 days are automatically deleted from the system.