What are ALL the circumstances that can cause a Closed VUL | VIT to toggle to Open [OOB]

Go to solution
Garcia2a1x1
Tera Contributor

‎06-14-2023 01:17 PM

ASK

What are ALL the circumstances that can cause a Closed VUL | VIT to toggle to Open [OOB]

 

Our Instance

Currently on VR 16.3.0 with CSDM not enabled [no Lifecycle Status]

 

Scenario

We have many closed VULs | VITs that Re Open for various reasons and we are having trouble pinpointing all the causes. In some cases, our Security/Qualys Team believes these should remain in a closed state [some appear to be related to PER others possibly to CI changes

 

Having a list of what causes Closed VUL | VIT to toggle to Open [OOB] would assist in troubleshooting 

 

thanks!

 

 

0 Helpfuls
  • 671 Views
1 ACCEPTED SOLUTION

Go to solution
Joe Morsbach
Mega Guru

‎06-20-2023 04:40 PM

The answer depends on your scanner integration.  The states of Open and Closed always come from the scanner.  So if something goes from Closed to Open, Servicenow received instruction from your scanner to do that.  For example with Tenable, a source status of REOPEN is passed.  That changes the VIT state to Open.  Also users can click a UI Action button to set the state back to open from any of the other states.

 

As for the VUL, once that is closed the only way to reopen that is via the Reopen UI action button.  Even if the VITs within the task reopen there is nothing that will process the VUL to re-open, but rather an brand new VUL will get created based on your remediation task rules.

 

This is how Out of the box works

View solution in original post

1 REPLY 1

Go to solution
Joe Morsbach
Mega Guru

‎06-20-2023 04:40 PM

The answer depends on your scanner integration.  The states of Open and Closed always come from the scanner.  So if something goes from Closed to Open, Servicenow received instruction from your scanner to do that.  For example with Tenable, a source status of REOPEN is passed.  That changes the VIT state to Open.  Also users can click a UI Action button to set the state back to open from any of the other states.

 

As for the VUL, once that is closed the only way to reopen that is via the Reopen UI action button.  Even if the VITs within the task reopen there is nothing that will process the VUL to re-open, but rather an brand new VUL will get created based on your remediation task rules.

 

This is how Out of the box works