sn_vul.remediation_owner role attribution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
Hi Community,
I'm finally posting this question as it's something that has been puzzling me for a while.
As per the docs here
| Assign sn_vul.remediation_owner - Remediation Owner to users and groups. | Users and groups with this role remediate vulnerabilities assigned to them or to a group they belong to. Groups or users with this role view and update the records assigned to them or to a group they belong to. |
In my scenario, this role attribution needs to be faily dynamic, as there are potentially hundreds of groups and user that could be involved in the remediation of a vulnerable item. The assignment logic is based on various factors within the CI entries, and these values could change / new CIs added etc...
I also read this note for a different documentation page:
Note:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
The record doesn't exist in my customers instance, I've just tried with a fresh PDI, and installed VR, the record isn't there either.
Would there be any indication that SN have removed this role containment from later versions? and why?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
a month ago
@Greg33
Hey, I remember a long time ago (a couple of years back i guess) this was the case.
Since then the roles have been separated, I assume because itil is tied to licenses and cost.
sn_vul.remediation_owner needs to be assigned separately or you add it to itil yourself.
In terms of VR, just note that the only feature youre missing out on if you have the remediation owner role but not itil, is the feature to create a change request from within the VR module.
