Use Remediation Effort records

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read

    • When Vulnerability managers and analysts create remediation efforts (REs), remediation Tasks (VUL, AVUL, CVUL, and CRG) are automatically assigned to IT teams for remediation.

    Before you begin

    You have to create a remediation effort before you can use it to monitor remediation progress on Remediation Tasks.

    Role required:
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (TRs)

    Procedure

    1. If not selected, in the upper left, click the List icon.

      The List view with active Remediation Effort records is displayed.

    2. In the Record Type column, select the three dots menu and select Group by Record type.
      The remediation efforts categorize into host vulnerable items, application vulnerable items, container vulnerable items, and configuration test results.
    3. From the List view landing page, with Active Remediation Efforts selected in the filtered lists, click a record to open it.
      The record displays. You can view the remediation tasks and records that are associated with the selected remediation effort.
    4. Refer to the following table for the actions that you can perform on the remediation effort record.

      After you create a record, it may take a few minutes for the remediation tasks and large numbers of records to display.

      UI action Description
      Add a tag To the right of the header, click the small tag icon. You might want to add text that further helps you identify this record. For example, you might want to add a tag that this record has PCI or other critical data.
      Add a work note to the record In the far right of the screen, click the Activity icon (lightening icon) and enter a work note. Click the icon to toggle the panel.
      Update the record On the Details tab, for all fields that are editable, click a field to select it, make your changes, and click Save to update the record.
      When displayed, click the filter icon to refine the data on the displayed page With any one of the Remediation Tasks, Vulnerable Items, or Configuration Test Results tabs selected, on the far right, click the filter icon to show the filters that apply to the tab.

      In the panel that is displayed, click Advanced view to add or change filter conditions for the items on the page. Click Update to save your changes.

      For example, on the Vulnerable Items tab, you might prefer to add the Age field and enter a range to display only records from a specific time period. Records that match the conditions that you set are displayed in the list.
      Refine filters for items in a column Select a column and click the three vertical dots menu expand it and enter conditions to refine and group the data in the column.
      Filter out items or match items from a row in a column
      Say, for example, you want to view only records that have a specific vulnerability. From the list of records, select the row of the record in the Summary column. Click the vertical dot menu that is displayed and choose one:
      • Show matching - show all the other records that have this vulnerability.
      • Filter out - show all records that don’t have this vulnerability.
    5. From the Remediation Tasks, Vulnerable Items and Configuration Test Results tabs, you can drill down into an individual Remediation Task (VUL, AVUL, CVUL, or CRG), Vulnerable item (VIT, AVIT, or CVIT) and Test Result (CTR) records respectively.

    What to do next

    If you want to create a remediation task on-demand from a remediation effort, see Create a remediation task on-demand in the Vulnerability Manager Workspace. You can also Create a customized list of records to help you monitor remediation progress.