Remediating Application Vulnerability Response vulnerabilities
Monitoring remediation is a process that begins with reviewing status and ends with closing application vulnerable items (AVITs). Application Vulnerability Response offers tools and procedures to make that process more productive and efficient.
Application Vulnerability Response remediation process
Application vulnerable item remediation is done manually.
- Log in to your Application Vulnerability Response instance.
- Validate that your rules (CI Lookup, Assignment) for application vulnerable items are working as expected. For information on revising CI Lookup Rules, see Identify applications in Application Vulnerability Response automatically. For information on Assignment rules, see Assign application vulnerable items in Application Vulnerability Response automatically.
- Validate that your remediation targets are correct. See Automate remediation target tracking in Application Vulnerability Response for information on how remediation target rules work and how to revise them. View the remediation target status of an application vulnerable item.Hinweis:Remediation target rules belong to AVITs. These rules are run when the AVIT is imported.
- Review the dashboards or reports. For example, view dashboards that show AVITs aging by states.Hinweis:
When the Performance Analytics for Vulnerability Response application (com.snc.vulnerability.analytics) is activated, users with certain roles can view data of interest to the members of the App-Sec Manager and Security Champion groups.
For App-Sec Managers, Performance Analytics for Vulnerability Response contains the Application Vulnerability Response Overview, which can help you monitor areas of concern. See Analytics and Reporting Solutions for Application Vulnerability Response and Application Vulnerability Management [PA] dashboard.
Starting with version 13.0 of the Vulnerability Response application: For Security Champions, Performance Analytics for Vulnerability Response contains the My Application Vulnerabilities dashboard, which can help you monitor your areas of concern. See My Application Vulnerabilities dashboard.
Starting with version 13.0 of the Vulnerability Response application: To limit the amount of data gathered for reports or related lists, see Define service classifications for Vulnerability Response reporting and related lists.
- Review the state of AVITs, in order of priority, searching for what has changed.
- Revise the risk for the AVITs, as needed. See Create an application vulnerability calculator for more information.
- Reassign the AVIT to an assignment group for remediation, if needed.
- Rescans are triggered automatically by the third-party import schedule.
- After rescan, if the state is Fixed, AVITs are automatically closed during import.
- After the scan, if the state is not Fixed, the AVIT is reopened.
Get more details from Veracode
Select Get More Details on application vulnerable items (AVITs) that have Veracode as the Source on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table or from the list views in the Vulnerability Response Workspaces to view the following Veracode data.
- HTTP Source request and Source response details for Dynamic Application Security Testing (DAST) scans are displayed on the HTTP Request/Response related list.
- Solution recommendations from Veracode are displayed on the Findings related list.
- HTTP Source request, Source response, and recommendations are displayed on the Details tab In the Vulnerability Response Vulnerability Response workspaces.
- The Description column is supported on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table.