Remediating Application Vulnerability Response vulnerabilities
-
- UpdatedAug 3, 2023
- 2 minutes to read
- Vancouver
- Application Vulnerability Response
Monitoring remediation is a process that begins with reviewing status and ends with closing application vulnerable items (AVIs). Application Vulnerability Response offers tools and procedures to make that process more productive and efficient.
Application Vulnerability Response remediation process
Application vulnerable item remediation is done manually.
- Log in to your Application Vulnerability Response instance.
- Validate that your rules (CI Lookup, Assignment) for application vulnerable items are working as expected. For information on revising CI Lookup Rules, see Identify applications in Application Vulnerability Response automatically. For information on Assignment rules, see Assign application vulnerable items in Application Vulnerability Response automatically.
- Validate that your remediation targets are correct. See Automate remediation target tracking in Application Vulnerability Response for information on how remediation target
rules work and how to revise them. View the remediation target status of an application vulnerable item.Note: Remediation target rules belong to AVIs. These rules are run when the AVI is imported.
- Review the dashboards or reports. For example, view dashboards that show AVIs aging by states.Note:
When the Performance Analytics for Vulnerability Response application (com.snc.vulnerability.analytics) is activated, users with certain roles can view data of interest to the members of the App-Sec Manager and Security Champion groups.
For App-Sec Managers, Performance Analytics for Vulnerability Response contains the Application Vulnerability Response Overview, which can help you monitor areas of concern. See Analytics and Reporting Solutions for Application Vulnerability Response and Application Vulnerability Management [PA] dashboard.
Starting with version 13.0 of the Vulnerability Response application: For Security Champions, Performance Analytics for Vulnerability Response contains the My Application Vulnerabilities dashboard, which can help you monitor your areas of concern. See My Application Vulnerabilities dashboard.
Starting with version 13.0 of the Vulnerability Response application: To limit the amount of data gathered for reports or related lists, see Define service classifications for Vulnerability Response reporting and related lists.
- Review the state of AVIs, in order of priority, searching for what has changed.
- Revise the risk for the AVIs, as needed. See Create an application vulnerability calculator for more information.
- Reassign the AVI to an assignment group for remediation, if needed.
- Rescans are triggered automatically by the third-party import schedule.
- After rescan, if the state is Fixed, AVIs are automatically closed during import.
- After the scan, if the state is not Fixed, the AVI is reopened.