Remediation Projects Major Shortcoming!

There is a major shortcoming with the Remediation Project > Validation Scan

For customers using the R7 Scan Assistant service/agent for credentialed scanning, which is best practice, the Validation Scan does not support this!!!
In other words, the Validation scan uses the default scan template ‘full audit without web spider’, which does not support Scan Assistant due to the inability to edit the scan template to add the required Scan Assistant port tcp/21047.
Moreover, if you make a copy of the scan template to customize it, there is no way for the Validation scan to know nor is there a way to tell it which scan template to use!
These are facts based on my findings, which I validated with R7 support as well.
I submitted a feature request for this shortcoming (major in my opinion) to get fixed.

Lastly, this is a blocker for us since we cannot effectively use Remediation Projects with other teams to offer as turn-key solution and single pane of glass for validating and tracking remediation work.

2 Likes

Good spot thanks for flagging. I have been doing site scans to verify or waiting for agent to check in. I agree this is not ideal for working with remediation teams.

1 Like

This has been painful! Glad someone else had the patience to get to the bottom of this. Hopefully they fix it soon!!

1 Like