Idea for improving Top Remediation with details

I find the Top Remediation report with details very useful. Showing exactly what to do on which assets, and what the impact on risk score is. Beatyful!

But it could improve a lot, if you were able to pull the same report, based on vulnerabilities found for instance 14 days ago. Why? See below :wink:

As it is, it shows the vulnerabilities first seen yesterday, for instance. Most of these vulnerabilities will be remediated by autopatch or other measures. And my IT-Ops people say: “Why do you send me running after this? It’s autopatched tomorrow”. In that particular sense it’s a false positive.

If we could improve Top Remediation report with a feature, so it is based on vulnerabilities that are first seen x days ago, the report would show only stuff, that really needs manually handling.

It would be great if number of days are variable (different customers have different patchschedules), but if it should be a fixed number of days I’d guess 14 days is appropriate.

That way we could have IT-Ops manage vulnerabilities in a much more efficient way.

If you find this idea useful, please like this post and support IDEA-14668.

For my Remediation Projects, On the ones that are continuous, I filter out any Vulnerabilities found in the past 30 days. This keeps the month to month more accurate. When a vulnerability comes out that needs to be address quicker, I create a new Remediation Project just for that vulnerability with a set deadline.
This is how I address reporting on a month to month cadence. I’m not sure how to incorporate that into a generated report though

1 Like

Hi Brandon.
For that purpose I agree.
I have a need to deliver a “standalone report” to IT-Ops (or customers), that say: Go fix this on these assets, and this is how you do it", and for that specific purpose I think an “improved remediation report” would be more usable than the one we know today.
Thanks for feedback :+1:

the other option you have is for the remediation projects to open a Ticket with something like ServiceNow or Jira. That way you have a ticket to track remediations with. Also, if you need to enter an exception or a will not fix, you have a tick number to associate it with.
Tickets are a good way to report on activity by teams and provide a non-InfoSec means of tracking progress.