Vulnerability groups

Vulnerability groups are used to group vulnerable items based on vulnerability, vulnerable item conditions, or filter group.

Notes on Vulnerability Groups

  • Vulnerable items can belong to more than one vulnerability group.
  • When updating the state of a vulnerability group, associated vulnerable items that have not already had their state updated by another vulnerability group, are updated to match this vulnerability group.
  • If a state change on a vulnerability group requires an approval, the group and all associated vulnerable items that have not already been updated by a different vulnerability, are put in the In Review state.
    • If a state change for a vulnerability group is approved, all associated vulnerable items in the In Review state are updated to reflect this change.
    • If a state change for a vulnerability group is rejected, the group is reverted to its prior state. All associated vulnerable items, not covered by the In Review state of other vulnerability groups, revert their states back to their prior states.
  • When Automatically refresh vulnerable items is checked, vulnerable items are added to the group as they are created or updated, and matched to the vulnerability group criteria
  • When the Related Links, Refresh associated vulnerable items is clicked from the Vulnerability Group page, vulnerable items are inspected to see if there are any additional vulnerable items that belong to this group. This inspection is done regardless of the status of the Automatically refresh vulnerable items check box.
  • When it is determined that a new vulnerable item can be added to a group, the following occurs:
    • The vulnerability item is included in the Associated Vulnerable Items list of the vulnerability group. Conversely, the vulnerability group appears in the Associated Vulnerability Group list of Vulnerable items.
    • If the Vulnerability Group is marked as Closed or Ignored, with a non-fixed substate (such as False Positive, Risk Accepted, or Irrelevant), vulnerable items that are added to the group have their state updated to match the vulnerability group.
    • If Vulnerability Group is marked as Closed or Fixed, if the vulnerable item added is not itself Closed or Fixed, the vulnerable item state does not change, and the vulnerability group state is changed to Open.