Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
📙 You will learn
How to set the number of days to extend a Time to Remediate policy for a vulnerability.
Prerequisites
Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 5 minutes
Tools required: N/A
In some cases, specific vulnerabilities cannot be fully remediated during the
...
Time-
...
To-
...
Remediate policy set for that application. To apply extra time to remediate that vulnerability, the Time To Remediate (TTR) date can be extended on specific vulnerabilities.
Initially, a TTR policy applies to the following vulnerability in the Bodgeit application.
...
In the example below note it has 1 day to remediate based on the TTR policy, but an engineer also added the tag
...
“Compensating Control in
...
Place” as part of their workflow and
...
wants to extend the TTR because of that control.
...
Image Added
For this example the engineer wants to properly remediate this issue in a few months, but the compensating control is sufficient for now.
To extend the days to remediate,
...
click on the
...
Action menu button on the vulnerability to display options. The last two options, Disable Time To Remediate and Change Time To Remediate, allow disabling or extending the TTR for just this vulnerability.
...
To set this, click the Change Time To Remediate option.
Image AddedFrom the Change Time To Remediate modal, in the Number of Days to Extend field, enter a desired number to extend days to remediate by. The example below has added 120 days. Click the Save b
Image Modified
...
A success banner will appear and the Time To Remediate for this vulnerability
...
will be extended.
Image ModifiedThreadFix
...
stores the original dates for
...
the vulnerability, including the first TTR date. When the time to remediate is extended
...
it can always be removed and the original date will
...
reapply. The date can also be edited in order to be adjusted for a different date. For this example, the engineer realized they want the vulnerability to be fully remediated in 120 days, not 121.
...
Once again through the Change Time to Remediate menu option, change the value to a new desired number of days to extend and click the Save button. The change will now be reflected on the vulnerability.
...
Image AddedImage Added
All these actions are logged and shown in the history on that vulnerability details page.
Image ModifiedPermissions
The Reporting expanding menu’s Manage Policies permission toggle allows or
...
denies users access to vulnerability Action items, and to change or disable a TTR on individual vulnerabilities.
...
For example, to prevent users from disabling the TTR policy on vulnerabilities they are reviewing, this permission can be turned off for their role. The screenshot below shows this option being restricted by being set to Off.
Table of Contents
Table of Contents |
---|