Ticketing Integration for Remediation Projects

Remediation Projects integrate with popular ticketing systems so that security teams can automate the creation and assignment of work items based on pre-configured rules.

Why integrate Projects with Ticketing?

Many security teams manage remediation efforts by generating CSV or PDF reports spanning hundreds of pages and spend a lot of time breaking down exposures into actionable work items. The Automated Ticketing feature simplifies this process while providing the following advantages:

  • You can create targeted and precise tickets automatically with assignment rules that can be reused across projects.
  • You can customize ticketing templates to include as much security context as you need.
  • You can use the Projects page to provide a central location to manage and track your remediation projects.
  • You always have a clear picture of the progress of remediation work because solution statuses in Projects are updated from the ticketing system.
  • Your remediation teams can continue to use their existing tools and processes.

Managing ticketing integration in Remediation Projects

Ticketing Integration has two parts:

  • Creating connection settings to your preferred ticketing server, and matching each remediation status in InsightVM to a project status in your ticketing program.
  • Configuring a ticketing template for your project, which lets you select the ticketing project for automated ticketing, draft a template of the ticket generated from your Remediation Project, and then create rules for assigning automatically generated tickets to your team members.

You can create new ticket connections, edit existing connections, and enable/disable connections.

Enabling Automated Ticketing for Remediation Projects

The Projects tab shows the list of Remediation Projects you have set up for your environment. If a project has automated ticketing enabled, the Ticketing column will show the ticket icon.

If you wish to enable automated ticketing on an existing project, check the box of the project you want to modify and click the pencil icon above the table view. Navigate to step 5 of the project wizard to set one of your existing ticketing connections for this project.

Set a ticketing connection on a remediation project

Understanding Ticketing Behavior

After enabling automatic ticketing, there are a few things to know about the circumstances that govern when comments are added to tickets or when new tickets are created. The following apply to both JIRA and ServiceNow ticketing systems.

Commenting on Tickets

We will leave a comment on an existing ticket:

  • If a scan rediscovers a vulnerability on an existing asset, we will add a comment on that ticket, stating it is reopened. We will leave a comment each time a vulnerability is rediscovered.
  • If a new asset is added to a solution in a dynamic project, we will leave a comment on the existing ticket, stating a new asset has been found.

Creating New Tickets

We will create a new ticket:

  • If a new solution is added to a remediation project.
  • If the status of a JIRA or ServiceNow ticket is set to the status that is mapped to the Awaiting Verification field in Solutions Status Mapping in Ticketing Connection.

You can disable the ticketing configuration at any time. No new tickets will be generated for the remediation project while the ticketing connection is disabled. You can also re-enable the ticketing connection later.