Notification for Vulnerable Item 'x' days past due

LittbarskiA
Tera Contributor

I am working on a client request to send notifications to different users, whenever the remediation target is missed on vulnerable items. I have my remediation target rule working, but I can't find a way of achieving this scenario.

 

On day that target is missed, send notification to Assignment Group/Assigned To

If remediation target is missed by 15 days, send notification to CI Support Group/Assigned To.Manager

If remediation target is missed by 30 days, send notification to CISO_Execs

 

Anyone pointers from the community will be helpful. I found that SLAs are not recommended for vulnerable items.

 

PS: There are no groups/users in the Notifications section for the target rule configuration. I am notifying the Assignment group on the vulnerable item record when the target is missed.

LittbarskiA_0-1729654938791.png

 

1 REPLY 1

KLee19
Tera Contributor

You could do this using flow. Scheduled flow daily to check remediation target meets the conditions and then trigger an email. I would be careful as this may result in a large number of emails. Might be better to put further logic such as for each group that has atleast 1 vulnerability that meets the criteria then send an email with all of the vulnerability numbers. So this will result in 1 email with say 10 records, Instead of 10 emails with a record each.