How to update risk rating and risk score of a specific vulnerability manually?

Go to solution
sath
Tera Expert

‎11-09-2023 03:13 PM

Hi, Checking if risk score and risk rating of a specific vulnerability can be manually updated by VR Analysts?

And if it can be updated, will it be overridden by Tenable integration (Tenable plugin integration that runs daily)?

0 Helpfuls
  • 1,238 Views
1 ACCEPTED SOLUTION

Go to solution
andy_ojha
ServiceNow Employee
ServiceNow Employee

‎11-09-2023 03:19 PM - edited ‎11-09-2023 03:21 PM

Hey there,

 

There is no easy way for the Analyst to directly override the Risk Score / Ratings.

That said - check out the new enhancement included in VR v20.x.

There is a feature that somewhat aligns here, and allows Remediation Teams to request a reduction in Risk, on their Vulnerable Items or Remediation Tasks:

 

View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
andy_ojha
ServiceNow Employee
ServiceNow Employee

‎11-09-2023 03:19 PM - edited ‎11-09-2023 03:21 PM

Hey there,

 

There is no easy way for the Analyst to directly override the Risk Score / Ratings.

That said - check out the new enhancement included in VR v20.x.

There is a feature that somewhat aligns here, and allows Remediation Teams to request a reduction in Risk, on their Vulnerable Items or Remediation Tasks:

 

0 Helpfuls

Go to solution
sath
Tera Expert
In response to andy_ojha

‎11-10-2023 12:04 PM

Thank you, good to know that this feature was introduced. Our team is looking if there's a way to increase the risk rating and score since threat intelligence team might categorize few of the vulnerabilities to be remediated immediately. 

0 Helpfuls

Go to solution
Adsignificat
Giga Contributor

‎01-15-2024 05:18 AM

Hi Sath - Did you find a solution to this in the end?

0 Helpfuls