Submit a vulnerability scan request from a security incident

If your security incident has one or more configuration items (servers, computers, and so on), they can be scanned for vulnerabilities from the Security Incident Response form.

Before you begin

The Vulnerability Response plugin must be activated.

Role required: sn_si.write

Procedure

  1. Create a new security incident and include at least one resource. You can also open an existing incident that has configuration items.
  2. When you have completed your entries on the form, right-click the form header and click Save.
    After the record has been saved, a Scan for Vulnerabilities related link appears.
    Note: If the Scan for Vulnerabilities related list is not shown, you must navigate to Vulnerability > Scanners, set up at least one scanner, and set its default to true. For more information, see Add a third-party vulnerability scanner.
  3. Click Scan for Vulnerabilities.
    Note:

    A message appears at the top of the security incident form, along with a link to the scan record.

    Scan request with link
  4. You can click the scan request number to view the scan record.
    The incident details show the results of the scan in the Security Scan Request record.