Notification for Vulnerable Item 'x' days past due
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 08:45 PM
I am working on a client request to send notifications to different users, whenever the remediation target is missed on vulnerable items. I have my remediation target rule working, but I can't find a way of achieving this scenario.
On day that target is missed, send notification to Assignment Group/Assigned To
If remediation target is missed by 15 days, send notification to CI Support Group/Assigned To.Manager
If remediation target is missed by 30 days, send notification to CISO_Execs
Anyone pointers from the community will be helpful. I found that SLAs are not recommended for vulnerable items.
PS: There are no groups/users in the Notifications section for the target rule configuration. I am notifying the Assignment group on the vulnerable item record when the target is missed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-25-2024 05:40 PM
You could do this using flow. Scheduled flow daily to check remediation target meets the conditions and then trigger an email. I would be careful as this may result in a large number of emails. Might be better to put further logic such as for each group that has atleast 1 vulnerability that meets the criteria then send an email with all of the vulnerability numbers. So this will result in 1 email with say 10 records, Instead of 10 emails with a record each.