How to update risk rating and risk score of a specific vulnerability manually?

sath
Tera Expert

Hi, Checking if risk score and risk rating of a specific vulnerability can be manually updated by VR Analysts?

And if it can be updated, will it be overridden by Tenable integration (Tenable plugin integration that runs daily)?

1 ACCEPTED SOLUTION

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there,

 

There is no easy way for the Analyst to directly override the Risk Score / Ratings.

That said - check out the new enhancement included in VR v20.x.

There is a feature that somewhat aligns here, and allows Remediation Teams to request a reduction in Risk, on their Vulnerable Items or Remediation Tasks:

 

View solution in original post

3 REPLIES 3

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there,

 

There is no easy way for the Analyst to directly override the Risk Score / Ratings.

That said - check out the new enhancement included in VR v20.x.

There is a feature that somewhat aligns here, and allows Remediation Teams to request a reduction in Risk, on their Vulnerable Items or Remediation Tasks:

 

Thank you, good to know that this feature was introduced. Our team is looking if there's a way to increase the risk rating and score since threat intelligence team might categorize few of the vulnerabilities to be remediated immediately. 

Adsignificat
Giga Contributor

Hi Sath - Did you find a solution to this in the end?