We are using remediation tickets to track progress. When a team reports that they've fixed a vulnerability, the ticket gets updated to Resolved and we conduct a follow-up scan to confirm the fix. Our process to do this is cumbersome, and I'm wondering if there's a better way. Our current process works like this:
- Create a Search List with the QIDs for the newly-Resolved tickets. To do this, we select and copy the table listing the tickets from the QG UI, then paste it into Excel. From there we copy and paste into a Search List.
- Create an Option Profile that uses that Search List
- Configure the Option Profile to scan the specific ports on which the vulnerabilities were reported. In some cases, the ticket doesn't report a specific port, and in those cases we scan all ports. If it's a lot of non-standard ports, we'll go through the same cut-and-paste-via-Excel dance.
- Launch a scan that uses the Option Profile we created and targets only the hosts that correspond to the newly-Resolved tickets. Again, more cut-and-paste through Excel.
This gets the job done, but it involves a lot of cumbersome cutting-and-pasting and data entry, and it's not hard for a little data to get lost in the shuffle and left out of the scan. It feels like there should be a better way. For example, I'd love to be able to select the newly-resolved tickets in the UI, and select "Re-Scan" from the Actions menu.
Is there a better way to do this?
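
The spreadsheet steps described above can be collapsed into one pass over a ticket export. The following is an added example, not part of the original post and not Qualys code: it assumes the ticket table has been saved as CSV with the hypothetical columns Ticket, State, QID, IP and Port, and the sample rows are constructed.

```python
import csv
import io
import ipaddress

# Constructed sample ticket export; column names are assumed, not a Qualys format.
SAMPLE = """\
Ticket,State,QID,IP,Port
1001,Resolved,100001,10.0.0.5,443
1002,Resolved,100001,10.0.0.6,8443
1003,Open,100002,10.0.0.7,445
1004,Resolved,100003,10.0.0.5,22
1005,Resolved,100004,10.0.0.300,80
"""


def build_rescan_plan(csv_text, state="Resolved"):
    """Collect the QIDs, hosts and ports for tickets in the given state."""
    qids, hosts, ports = set(), set(), set()
    all_ports, rejected = False, []
    for row in csv.DictReader(io.StringIO(csv_text)):
        field = lambda k: (row.get(k) or "").strip()
        if field("State").lower() != state.lower():
            continue
        try:
            qid = int(field("QID"))
            host = ipaddress.ip_address(field("IP"))
            port = int(field("Port")) if field("Port") else None
            if port is not None and not 1 <= port <= 65535:
                raise ValueError(f"port {port} out of range")
        except ValueError as exc:
            # Surface bad rows instead of silently dropping them from the scan.
            rejected.append((field("Ticket"), str(exc)))
            continue
        qids.add(qid)
        hosts.add(host)
        if port is None:
            all_ports = True  # ticket has no port: fall back to scanning all ports
        else:
            ports.add(port)
    return {
        "qids": sorted(qids),
        "hosts": [str(h) for h in sorted(hosts, key=lambda h: (h.version, int(h)))],
        "ports": "all" if all_ports else sorted(ports),
        "rejected": rejected,
    }


if __name__ == "__main__":
    print(build_rescan_plan(SAMPLE))
```

The `rejected` list names every Resolved ticket that could not be parsed, so a malformed row shows up for review rather than being left out of the follow-up scan unnoticed.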