
Follow Up Scan on Remediation Tickets

Question asked by Bryan Fish on Dec 13, 2018

We are using remediation tickets to track progress.  When a team reports that they've fixed a vulnerability, the ticket gets updated to Resolved and we conduct a follow-up scan to confirm the fix.  Our process to do this is cumbersome, and I'm wondering if there's a better way.  Our current process works like this:

 

  1. Create a Search List with the QIDs for the newly-Resolved tickets.  To do this, we select and copy the table listing the tickets from the QG UI, then paste it into Excel.  From there we copy and paste into a Search List.
  2. Create an Option Profile that uses that Search List
  3. Configure the Option Profile to scan the specific ports on which the vulnerabilities were reported.  In some cases, the ticket doesn't report a specific port, and in those cases we scan all ports.  If it's a lot of non-standard ports, we'll go through the same cut-and-paste-via-Excel dance.
  4. Launch a scan that uses the Option Profile we created and targets only the hosts that correspond to the newly-Resolved tickets.  Again, more cut-and-paste through Excel.

 

This gets the job done, but it involves a lot of cumbersome cutting-and-pasting and data entry, and it's not hard for a little data to get lost in the shuffle and left out of the scan.  It feels like there should be a better way.  For example, I'd love to be able to select the newly-resolved tickets in the UI, and select "Re-Scan" from the Actions menu.

 

Is there a better way to do this?
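
The three cut-and-paste steps in the question (QIDs for the Search List, ports for the Option Profile, hosts for the scan target) can be derived in one pass from the copied ticket table. The sketch below is an added example, not part of the original post and not Qualys code; the column names, the `1-65535` all-ports string and the sample rows are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample rows; column names and values are assumptions,
# not a real Qualys export format.
SAMPLE_TICKETS = """ticket,ip,qid,port,state
1001,10.0.0.5,100001,443,Resolved
1002,10.0.0.5,100002,8443,Resolved
1003,10.0.0.9,100001,443,Resolved
1004,10.0.0.12,100003,,Resolved
1005,10.0.0.7,100004,3389,Open
"""

def port_ranges(values):
    """Collapse integers into a compact list, e.g. [80, 81, 82, 443] -> '80-82,443'."""
    spans = []
    for v in sorted(set(values)):
        if spans and v == spans[-1][1] + 1:
            spans[-1][1] = v          # extend the current run
        else:
            spans.append([v, v])      # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in spans)

def build_rescan_inputs(ticket_csv, state="Resolved"):
    """Return the QIDs, ports and targets a follow-up scan needs."""
    qids, ports, hosts, all_ports = set(), set(), set(), False
    for row in csv.DictReader(io.StringIO(ticket_csv)):
        if row["state"].strip().lower() != state.lower():
            continue                  # only newly resolved tickets are re-scanned
        qids.add(int(row["qid"]))
        hosts.add(row["ip"].strip())
        port = row["port"].strip()
        if port:
            ports.add(int(port))
        else:
            all_ports = True          # ticket reports no port: scan all ports
    return {
        "qids": sorted(qids),
        "ports": "1-65535" if all_ports else port_ranges(ports),
        # numeric sort so 10.0.0.9 comes before 10.0.0.12 (IPv4 only)
        "targets": sorted(hosts, key=lambda ip: tuple(map(int, ip.split(".")))),
    }

if __name__ == "__main__":
    print(build_rescan_inputs(SAMPLE_TICKETS))
```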
