Submit a vulnerability scan request from a security incident

If your security incident has one or more affected resources (servers, computers, and other configuration items), they can be scanned for vulnerabilities from the Security Incident Response form.

Before you begin

The Vulnerability Response plugin must be activated.

Role required: sn_si.read

Procedure

  1. Create a new security incident and include at least one resource. You can also open an existing one that has affected resources.
  2. When you have completed your entries on the form, right-click the form header and click Save.
    After the record has been saved, a Scan for Vulnerabilities related link appears.
    Note: If the Scan for Vulnerabilities related list is not shown, you must navigate to Vulnerability > Scanners, set up at least one scanner, and set its default to true. For more information, see Add a third-party vulnerability scanner.
  3. Click Scan for Vulnerabilities.
    Note:

    A message appears at the top of the security incident form, along with a link to the scan record.

    Scan request with link
  4. You can click the scan request number to view the scan record.
    The incident details in the Security Scan Request record show the results of the scan.