how to stop creating discovered items for unwanted classes so that it does not create vulnerable items related to that? or how to stop vulnerable items getting created for particular classes of discovered items?for example:some xyz configuration item...
Hello, We are working on an SecOps Vulnerability Response opportunity where customers is looking for to import vulnerability entries from following sources: What is the best way to do it? Thx, Marco
I would like to turn off or stop automatic threat lookup for observables in SIR? Is there any possibility to limit automatic threat lookup for particular set of SIR categories?
Hi I'm still having issues with Remediation Task and when they run. We bundle up Remediation Tasks based on vulnerability name and assignment group being populated. If we run our remediation task rule it tears everything down and rebuilds all the Rem...
Hey everybody,We have just begun trying to use the recent added Exception Rules option within Vulnerability Response. Trying to formulate some of the procedural use cases in doing so, and I am wondering what others might have done to utilize this fe...
Hi All, Good Day!!! Can we add a range of IP in one shot into the observable table ?We have Palo Alto NGFW integration and we want to send the range of IP's to this EDL list for block/Allow.Whenever I tried to add an IP with subnet in the observable ...
Hey all, How can we get a false positive VI/VG to automatically close without setting an expiration date in the request exception to avoid it opening to its previous state? According to the following VR state workflow diagram that is out of the box c...
Hi, Would anyone the best-practice way to configure the visibility and writeability of the Secure notes field on a Security Incident - (for example, configure the field so that only a Security Incident Analyst can write to the field, and allow a Secu...
Nexpose closes the vulnerable items when issue is fixed for assets/configuration items which is alive/operational in nexpose scanning but it is not happening for dead/non-operational assets, may i know why?I want to know is there any process to close...
Hello all, I have seen recently after upgrading to San Diego that I am not able to share the Filter queries with others or group.I have all the Sn_si roles except admin.How to bring this
We are attempting to calculate our customer usage for the last 90 days in the Security Operations module, Discovered items (sn_sec_cmn_src_ci table). The KB0861920 indicates that what is counted is; a server, a desktop, a laptop, a printer, a firewa...
Hey all, We been live with Vulnerability Response in our environment for 4 months now. Remediation Users like to fill in the work notes and then change the assignment group back to us (Vuln Admins) so that we get the message. This ends up skewing the...
Hi, Do Vulnerable Items get created and assigned a risk score based off of the risk score in the third party entries? Thanks,
Hello! I know that for Vulnerable Items, you can set the remediation target using 'Remediation Target Rules'. However, the Remediation Target Rules utilize the 'last opened' field and a user defined number of days to set the remediation target. Ho...
Hello, I just noticed the NVD integration does not give the exploit information. I checked the Shodan integration, and it provides the enrichment for exploit info, however I am not sure is it the best solution. I know some of the active scanners prov...
