Business rules installed with Vulnerability Response

Vulnerability Response adds the following business rules.
Business rule Table Description
Add Vulnerable Item CI to Task Vulnerability Item Task

[sn_vul_m2m_item_task]

Copies the affected resources from the vulnerable item to the task.
Begin state approval workflow Vulnerable Item

[sn_vul_vulnerable_item]

Starts the approval process for a vulnerable item.
Calculate Criticality Vulnerable Item

[sn_vul_vulnerable_item]

Runs the vulnerability calculators when a vulnerable item is inserted or when the configuration item changes.
Check ignore expiration Vulnerable Item

[sn_vul_vulnerable_item]

Checks if the time limit to ignore a vulnerable item has expired.
Determine CI from Network Details Vulnerable Item

[sn_vul_vulnerable_item]

Attempts to set the configuration item on the record given network details such as IP address.
Determine vulnerable items Vulnerable Software

[sn_vul_software]

Examines the software installation table and inserts a vulnerable item for each configuration item found to have an instance of the vulnerable software.
Handle complete state Vulnerability Integration Run

[sn_vul_integration_run]

When a vulnerability integration run completes, starts the next available integration run (if any).
Insert vulnerable item Software Installation

[cmdb_sam_sw_install]

If the software installation has a discovery model that matches a software model with a known vulnerability, a vulnerable item is inserted for the configuration item.
Handle ready state Vulnerability Integration Run

[sn_vul_integration_run]

When a vulnerability integration run is marked as ready, starts the integration run for that item if no other runs are currently processing.
Launch scan Scan

[sn_vul_scan]

Asynchronously launches a scan with a third-party scanner implementation.
Move to pending Scan

[sn_vul_scan]

When a vulnerability scan is ready to be submitted to a scanner, marks the state as pending.
New CVEs downloaded NVD Data Feeds

[sn_vul_nvd_repo]

When new CVEs have been downloaded, publishes an event to the event queue to indicate CVEs have been added to the system. Used by notifications.
Normalize default Vulnerability Scanner

[sn_vul_scanner]

Ensures that only one scanner is marked as default at a given time, and allows only active scanners to be made the default.
Populate job script from integration Vulnerability Integration

[sn_vul_integration]

Updates the script that runs when the chosen processors change.
Prevent Delete/Deactivate of Default Vulnerability Scanner

[sn_vul_scanner]

Prevents the default scanner from being deactivated or deleted.
Prevent non-security roles reading Common Weakness Enumeration

[sn_vul_cwe]

Prevents users without secure record access from reading the record.
Prevent non-security roles updating Common Weakness Enumeration

[sn_vul_cwe]

Prevents users without secure record access from updating the record.
Process activation Vulnerable Item

[sn_vul_vulnerable_item]

Sets the Last opened field to the current date of activation and sets the Reopened flag, if needed.
Process inactivation Vulnerable Item

[sn_vul_vulnerable_item]

Sets the Age closed and removes the Reopened flag, if set.
Process Vulnerability Attachments Vulnerability Data Source Import Queue Entry

[sn_vul_ds_import_q_entry]

Processes the attachment queue.
Run process on insert Vulnerability Integration Process

[sn_vul_integration_process]

When an integration process is inserted, runs the integration script and processor based on any parameters configured on the record.
Update Match information Vulnerable Software

[sn_vul_software]

Updates the auto-match fields when the discovery model is set manually.
Update short description Vulnerable Item

[sn_vul_vulnerable_item]

Generates a short description from the vulnerability selected.
Update source task Scan

[sn_vul_scan]

When a vulnerability scan state changes, updates the task in the Source reference field with work notes to indicate if the scan was successfully launched.
Update Vulnerable items Vulnerability State Change Approval

[sn_vul_change_approval]

Updates the affected vulnerable items with the results of the vulnerability state change approval.
Update vulnerable items Software Installation

[cmdb_sam_sw_install]

If a vulnerable item exists for an installation, the vulnerable item is updated with newly discovered information.
Vulnerability scan Security Scan Request

[sn_si_scan_request]

Starts a vulnerability scan from a security scan request.