Remediation Projects

We have setup remediation projects that are configured to automatically generate Service Now tickets when vulnerabilities have a cvss score of 7 or higher and exceed 45 days since discovery. My issue is that we leave this remediation project running all year and it gets cluttered with closed solutions. Is there any way to purge closed solutions from existing remediation projects?

I can always rebuild the projects to start them over but it doesn’t make sense to me that there is no way to remove closed solutions.

Unfortunately right now, I don’t believe there’s a way to clear closed solutions from an existing project. The best way to minimize the clutter in your projects would be to have a shorter project duration, or to simply start with a new one like you said.

There is the option to filter by status by clicking “Open” like in the image below, which can make it a little easier to see what’s left to tackle in the project.

img

Holly,

Thanks for the suggestion. The problem with starting a new project is that if the existing project isn’t 100% completed I’m left with tickets in SNOW that Rapid7 will no longer update and when the new project is created it will make duplicate tickets to ones that already exist. It seems odd that there is a way to delete solutions on a static project but not on a dynamic one. We are using the connection with Service Now to make ticket when a vulnerability with a CVSS score of 7 or higher hits over 45 days since detection so we tend to leave these projects running for extended periods and would need for them to be dynamic.

I suppose this is something that would be good for a feature request.

Have you tried using Goals & SLAs to address your use case? It seems like an SLA would work well as they’re designed to run perpetually against your conditions/policy. You can select vulnerabilities from the SLA to send to a static remediation project.

image

image

It does require that you view the goal on some intervals and select vulnerabilities to send to a project, but once the backlog is cut down a bit, you’d have an easy way to see anything out of compliance with your policy. Long-running dynamic projects, as you’ve noted, can become unmanageable.

You can’t delete solutions from either type of project, but users can mark them as Will Not Fix or Awaiting Verification and then manage the current view using the tabs along the top of the project, as Holly noted.

1 Like