Qualys provides ability to define rules and algorithms based on which issues should be created off the Vulnerabilities.
Once the user views the details of the threat and the vulnerabilities as of now they are required to click on the 'Create Issue' link to create an issue. The ask is to provide some kind of rule engine that allows the user to define how/when issues should be created.
Target Release Plan | Q3 2016 – STVM 6.1 SP1 FP3 |
Nanda - Request you to raise a new AHA for triggering single issue for tracking same vulnerabilities across different assets.
Mohsin - As your requested feature is already available in product, i will be marking this AHA ID as 'Already Exist in Product.
Hi Mohsin - There are two new additional capabilities called Remediation Templates and Remediation Rules introduced in STVM 6.1 SP1 Feature Pack 3 for automating creation of issues via rule engine.
Nanda - Agreed. Will evaluate internally and have this addressed in next set of releases.
In addition to the above ability, we need the feature to create single issue for tracking same vulnerabilities. For example if the identified vulnerability affects more than one asset (Server), we need the ability to create single issue to track the patching remediation for all the impacted assets. As of today we have to create multiple issues for the same vulnerability impacting multiple assets.