AnsweredAssumed Answered

Vulnerability Remediation workflow - ticket assignment question.

Question asked by ds0101 on Sep 22, 2017
Latest reply on Sep 26, 2017 by Shyam Raj

Is there a document that explain the ticket creation and remediation process a bit clearer? If someone has created such a document can you share it please?

 

I'm trying to think about this issue as clear as I can and it seems that my approach won't work.

Here is what we are trying to do.

1) I have an asset group, lets call it "Servers" which includes 20 servers.

2) I have a team of 3 server admins, let's call them Admin1, Admin2, Admin3.

3) Admin1 is responsible for server 1-5, Admin2 for servers 6-10 and Admin3 for servers 11-15.

4) I have several remediation policies broken down by severity. - Q: is this necessary?

5) To whom will the tickets for the remaining 5 servers be assigned?

 

Question: Am I on the correct path so far? The issue that I'm faced with the above approach is that I cannot assign tickets to multiple users.

 

So that means that I would need to create 3 new asset groups which will be called let's say AseetGroup1 that will include servers 1-5 and assign this group in the remediation policy for Admin1 and then have AseetGroup2 that will include servers 6-10 and assign this group in the remediation policy for Admin2, and then AseetGroup3 that will include servers 11-15 and assign this group in the remediation policy for Admin3. Then I'm faced with the remaining 5 servers, how will the tickets for the remaining servers be created? Will they even be created?

 

Is there any simpler way to create a remediation workflow? I guess I'm trying to understand the workflow for the remediation, what are the criteria or pre-requisite steps that are needed to setup a workflow that satisfies the above use case? Is there any other better way through some other method? 

Any help would be much appreciated it.

 

Thanks!

Outcomes