Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Remediate vulnerable groups

Log in to subscribe to topics and get notified when content changes.

Remediate vulnerable groups

The flexibility inherent to Vulnerability Response allows you to remediate vulnerabilities in whatever way suits your security organization.

Before you begin

Role required: sn_vul.vulnerability_write


  1. Navigate to Vulnerability > Vulnerabilities > Vulnerability Grfoups.
  2. Click a vulnerable group record (VUL) that is in the Open state.
    The Open state indicates that the record has not yet been worked on. The form displays:
    • Vulnerability group information
    • Group Configuration details
    • Notes
    • Associated VIs
    • Task SLAs
    • Chagne Requests
  3. When you are ready to start working on the record, change the State field to Under Investigation.
  4. Perform whatever tests or analysis you want.
  5. To escalate the vulnerability group to another team or to view and add information on impacted business services to a vulnerable item, you have the following options.
    Option Step
    If the vulnerable item poses a risk to your IT environment, you create a CHG record and escalate the issue to Change Management team. Click Create Change.
    If the vulnerable item causes an error in the IT infrastructure, you can create a PRB record and escalate the issue to the Problem Management team. Click Create Problem.
    If the vulnerable item poses a potential security risk to your organization, create a security incident record and escalate the issue to the Security Incident Response team. Click Create Security Incident.

    This button is displayed when Security Incident Response is activated.

    If you are working on a vulnerable item, you can view and add business services impacted by the vulnerable item. On the Vulnerable Item form, click the Affected Services related list. If an affected CI associated with the vulnerable item is added or updated, information in this related list is automatically updated when the record is saved.
    Note: You can also right-click in the form header and select Refresh Affected Services.
    After you create a change request, problem record, or security incident, the appropriate record appears in the Tasks related list on the Vulnerable Item form.
  6. You can view SLAs associated with the vulnerability in the Task SLAs related list.
  7. If you determine that the issue is a low priority and can either be deferred or immediately closed without further analysis, click Close Item.
    For instructions, see Vulnerability Response remediation.
  8. If you have set up a third-party integration and a scheduled job that automatically updates and scans records at a set interval, the vulnerabilities are scanned at the next scheduled date and time. Alternatively, you can manually initiate a vulnerability scan.
    If the scan again returns the vulnerability, the VUL record returns to the Analysis state. If the vulnerability is not found, the VIT transitions to the Closed state.