Remediation projects allow teams to coordinate on the progress of remediation initiatives. It provides visibility into the responsibilities of security and IT teams so that they can easily track and measure the progress of remediation work.
- Benefits of Remediation Projects
- Remediation Project Concepts
- What do the statuses mean?
- Create a Remediation Project
- Viewing a Remediation Project
- Automated ticketing for Remediation Projects
Benefits of Remediation Projects
Remediation projects make it simpler to prioritize, drive, and track remediation progress by showing you the true state of the remediation. Project metrics are automatically updated as vulnerabilities are found not to exist any more, so that you can fully visualize the achievements of your remediation teams.
With remediation projects, you can:
- Communicate relevant context and prioritizations to the right people.
- Track the progress of remediation projects.
- Identify the remediation work that teams are working on at a glance.
- Automatically identify, assign, and monitor remediation progress.
Remediation Project Concepts
- Remediation project - A remediation project is a group of solutions for vulnerabilities that need to be remediated on a specific set of assets within a certain time frame. When you create a remediation project, the Security Console applies an algorithm to identify solutions and aggregates the risk by solution to determine the remediation actions that will reduce the most risk.
- Project owner - A project owner has the ability to create a project, identify the assets and/or vulnerabilities that are contained in the project, and assign the project to other users.
- Project assignee - A project assignee is typically a remediation team member. Assignees review the solution steps and execute remediation for the specified assets and update the status of the solutions.
Who can create and edit Remediation Projects?
Only Security Console users with the Global Administrator role can create new static and dynamic Remediation Projects (from both the Remediation Projects interface and the Query Builder), and edit or delete all existing projects, regardless of ownership. All other Security Console users in the following roles can create new static Remediation Projects (from the Remediation Projects interface only) and edit those that they already own:
- Security Manager
- Site Owner
- Asset Owner
You can also grant project permissions to any custom user role as long as that role has the Remediation Projects and Goals & SLAs Platform permission enabled. See the Assign a role and permissions to a user section of the Managing users and authentication article for instructions on how to do so.
What do the statuses mean?
A project is made up of assets and remediations. Project results depend on the outcome of the remediation process.
Here's an overview of the Remediation Projects workflow:
The following statuses help you navigate your project’s lifespan through potential workflows
|Open||Assets are still vulnerable as no action has been taken or solution applied. Verification and remediation needed.|
|Awaiting Verification||Users can set this status to indicate that a solution has been applied. After the scan runs the status will either change to Closed or it will revert back to Open, depending on verification and remediation.|
|Will Not Fix||Users can set this status to Will Not Fix to note that a solution will not be applied. Setting a remediation to Will Not Fix, will recalculate the project’s risk score. |
Users may occasionally see a system-only workflow state called Pending Will Not Fix.
|Closed||The project is closed and will no longer receive updates. All necessary action has been taken, determined either by the user or through remediation.|
The following statuses refer to the states a project can be in as you move through the remediation process
|Open||Open projects have not yet reached expiration or been set to Closed by the user. Projects will continue to update as the user applies solutions and scans assets. |
An Open project can either be New or in a Re-opened state if the vulnerability still exists. If there was a ticket created by the ticketing integration, a new ticket will be created and the status will be Open.
|Expired||This status automatically updates to Expired after a project has passed its due date. Expired projects will no longer receive updates, even if the user applies a solution to assets in the project.|
|Closed||This status refers to the projects that are manually set to Closed by the user. Closed projects will no longer receive updates even if the user applies a solution to assets in the project. Projects are either closed because the vulnerabilities found have been remediated or they have been determined to not be a threat.|
Create a Remediation Project
Open the Projects tab in your navigation menu. On the “Remediation Projects” screen, click Create a Project to start the project creation wizard.
You can also start the project creation wizard from the expanded view of applicable cards. See Cards to learn more.
- Provide your project with some basic information.
- Ensure that your project name and description is purposeful and clear for your intended assignees.
- Specify the project scope.
What are the differences between static and dynamic projects?
Static projects lock asset and solution membership after you initially create them. Their scope cannot change unless you delete asset members from the Security Console. However, the solutions in a static project can add applicable assets as long as those assets were already project members. Static projects are commonly used for addressing specific asset and vulnerability groups.
Dynamic projects automatically add solutions as conditions change in your network. Unlike static projects, you can also modify the scope of a dynamic project after you create it. To help you visualize your progress, dynamic projects do not remove solutions as you remediate, but they will remove solutions if you elect to change the scope. Dynamic projects will never remove an asset from its scope unless the asset is completely deleted from the Security Console. Assets that fall out of the scope of any asset group, site, or tag on which the project is based due to a later configuration change will not be removed from the project after you create it. Dynamic projects are commonly used for ongoing maintenance, such as the remediation of any assets that surpass a certain level of risk.
- Assign the project to members of your security team.
- Expand the assignment dropdown to select one or more InsightVM users that will work on this project.
- If desired, check the permission box to allow users without InsightVM credentials to access the project via email.
- Determine what level of access your assignee(s) will have to the project details.
- Set a due date for the project. Expired and closed projects will not receive updates.
Automated ticketing configuration
The following step will only appear in your project creation wizard if you have a configured ticketing integration already available for use.
See Ticketing Integration for Remediation Projects to learn how to configure a new ticketing integration.
- Review your project details.
Save and Complete the wizard when finished.
Viewing a Remediation Project
Click the Projects tab in the left navigation bar to access a list of remediation projects. You also have the option to view a list of projects immediately after creating a new project.
Each row represents an individual remediation project. Click on a project row to view expanded summary, solution, asset, and vulnerability information.
Click any project name to open it. The “Solutions” view will show overview details such as owner information, remediation steps, assets affected, and assignee information. Individual solutions can also be expanded to show additional details.
Export Project and Solution data to CSV
Column data in both the Projects and Solutions pages can be exported to a CSV file.
To run an export:
- Select all desired projects (A) or solutions (B) by enabling their respective checkboxes.
- Click Export to CSV to download a CSV file.
Asset and vulnerability data can also be exported from the solution drawer:
- Click the desired solution row to open the drawer.
- Select the Vulnerability or Asset tab.
- Enable the checkbox of each desired row.
- Click Export to CSV to download a CSV file.
Assets listed in the solution drawer can be filtered by the following statuses:
Automated ticketing for Remediation Projects
You can make your remediation projects more effective by automatically assigning work items to the team members responsible for mitigating exposures. For more information, see Ticketing Integration for Remediation Projects.