Perform an assessment
After you’ve created the vulnerability assessment record and updated the risk attribute fields, run an assessment of the event record.
始める前に
Role required: sn_vul_analyst.vul_event_manager
このタスクについて
Perform an initial assessment after an event for a vulnerability of interest has been created and determined to present risk to systems and data. The purpose of this activity is to further analyze the threat by updating the risk assessment with an in-depth exposure assessment.
手順
タスクの結果
- Vulnerable items or TPEs related to the associated CVEs are fetched during assessment. The CIs related to the vulnerable items are also identified and display in the Affected Configuration Items table.
- If the associated CIs do not exist in the affected CI table, the identified CIs are added to the table and the Has vulnerable item field value is set to True, and the Source field's value is set to Scanner.
- If the CI already exists in the affected CI table, only the Has vulnerable item field value is set to True and the Source fields value for the CI remains the same as when the assessment record was created.
- If vulnerable items are created after the assessment a Vulnerability Assessment scheduled job is run to update the affected CIs table and the source of the CI.