Cyber GRC Ideas Portal
Add a new idea Subscribe
Status Pending Roadmap Inclusion
Workspace Threat & Vulnerability Management
Created by Guest
Created on Jun 27, 2018

RELATED IDEAS

Pre-Vulnerability scan workflow and Approval workflow

  • Users can raise request/ticket for server movement, new server commissioning, production movement etc.,
  • This will trigger Nexpose scan on the target IP by TVM coordinator
  • Once the vulnerability scan results are out and no issues are triggered, then the request is approved by TVM coordinator
  • If any Issues are triggered, the approval is put on hold till the issue is resolved through action management
  • Thus, the pre-vulnerability scan/Approval workflow happens like this
    • End user raises request
    • TVM coordinator can raise clarification request
    • TVM coordinator triggers vulnerability scan outside MSI platform
    • MSI platform may receive the vulnerability scan feed and can trigger the issue
    • TVM coordinator updates the request/ticket by attaching the issue created and expects closure
    • Issue is taken care by the Issue owner and action teams
    • TVM-coordinator approves the request with comments
  • Attach files