State roll-up and roll-down scenarios
Summary of State Roll-up and Roll-down Scenarios
State roll-up and roll-down scenarios facilitate the automatic synchronization of remediation tasks (RTs) and vulnerable items (VITs), providing real-time updates that enhance accuracy and efficiency in vulnerability management. This system reduces manual tracking, allowing users to make informed decisions quickly based on the updated status of remediation tasks and vulnerable items.
Key Features
The roll-up behavior allows changes in VIT states to influence the corresponding RT states based on specific conditions. Key scenarios include:
- VITs transitioning to non-final states keep RTs Open.
- When all associated VITs are closed, the RT is marked Closed.
- If VITs are mixed (some closed, some deferred), the RT reflects the state of the deferred VITs.
- VITs marked as fixed but pending verification do not change the RT state until confirmed.
Conversely, roll-down behavior ensures that when RT states change, these changes can affect the associated VITs unless overridden. Notable roll-down scenarios include:
- RTs marked as resolved will also update associated VITs to a resolved state.
- RTs closed without full resolution leave VITs Open.
- Mixed outcomes in state changes allow for flexibility; for instance, one VIT can be closed while another remains open.
Key Outcomes
Implementing roll-up and roll-down scenarios enables ServiceNow customers to achieve:
- Streamlined vulnerability management through automated status updates.
- Improved accuracy and efficiency in tracking remediation efforts.
- Enhanced decision-making capabilities based on real-time data.
State roll-up and roll-down scenarios automatically sync the status of remediation tasks (RTs) and vulnerable items (VITs), ensuring real-time updates across both. This dynamic interaction reduces manual tracking, enhances accuracy, and provides users with an up-to-date view of progress, making vulnerability management more efficient and helping users make informed decisions quickly.
Roll-up behavior
When vulnerable item (VIT) states change, these changes may propagate up to the remediation task (RT) level. The following table summarizes key roll-up scenarios where changes in vulnerable item (VIT) state may influence the associated remediation task (RT) state, based on closure conditions, reassignments, and deferrals.
| VITs State | Condition | RT State |
|---|---|---|
| Open → Under Investigation / Awaiting Implementation (any sub-state) / In Review | VIT transitions to any non-final or non-actionable state | Remains Open |
| Open → Closed | All associated VITs have the same sub-state | Closed – <same sub-state as VITs> |
| Open → Closed | All associated VITs have different sub-states | Closed – <no sub-state> |
| Open → some Closed VITs and some Deferred VITs | All associated Deferred VITs have the same sub-state | Deferred – <same sub-state as VITs> (Until date = earliest of all VITs) |
| Open → some Closed VITs and some Deferred VITs | All associated Deferred VITs have different sub-states | Deferred – <no sub-state> (Until date = earliest of all VITs) |
| Open → Closed–Fixed (after next scan) → Resolved | VITs marked as fixed but pending verification | Remains Open |
| Closed–Fixed → Open | VIT reopens after being Closed–Fixed | Remains Closed–Fixed |
| Closed–Stale → Open | VIT reopens after being Closed–Stale | Remains Closed–Cancelled |
| Under Investigation → Closed–CI Decommissioned | Multiple RTs (e.g., RT1, RT2) exist for related VITs | Each RT transitions to Closed–Cancelled |
| Resolved → Open | If a resolved VIT reopens and the previously associated RT was assigned to a user | Resolved → Under Investigation |
| Resolved → Open | If a resolved VIT reopens and the previously associated RT was not assigned to a user | Resolved → Open |
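
The first five rows of the roll-up table, written out as a function. This is an added example, not ServiceNow code or part of the original page; the object shape (`state`, `subState`, `until`), the sample sub-state values, treating a still-Open VIT as non-final, and returning `null` for combinations the table does not list are assumptions.

```javascript
// Added illustration of the roll-up table above; not ServiceNow code.
// The VIT object shape { state, subState, until } is hypothetical.
// `until` is an ISO date string (YYYY-MM-DD), so string order is date order.

// Assumption: a VIT that is still Open counts as non-final, like the
// other states named in the first table row.
const NON_FINAL = new Set([
  'Open', 'Under Investigation', 'Awaiting Implementation', 'In Review',
]);

// Returns the sub-state shared by every VIT, or null for "<no sub-state>".
function sharedSubState(vits) {
  const subs = new Set(vits.map((v) => v.subState));
  return subs.size === 1 ? [...subs][0] : null;
}

// Computes the RT state implied by its VITs, or null when the
// combination is not one of the rows covered here.
function rollUp(vits) {
  if (vits.length === 0) return null;
  // Any VIT in a non-final state: RT remains Open.
  if (vits.some((v) => NON_FINAL.has(v.state))) {
    return { state: 'Open', subState: null, until: null };
  }
  const closed = vits.filter((v) => v.state === 'Closed');
  const deferred = vits.filter((v) => v.state === 'Deferred');
  if (closed.length + deferred.length !== vits.length) return null;
  // All VITs Closed: RT is Closed, with the sub-state only if all agree.
  if (deferred.length === 0) {
    return { state: 'Closed', subState: sharedSubState(closed), until: null };
  }
  if (closed.length === 0) return null; // all-Deferred is not in the table
  // Some Closed, some Deferred: RT is Deferred; sub-state comes from the
  // Deferred VITs, Until date is the earliest one set on any VIT.
  const dates = vits.map((v) => v.until).filter(Boolean).sort();
  return { state: 'Deferred', subState: sharedSubState(deferred), until: dates[0] || null };
}

// Constructed sample: two Closed VITs and two Deferred VITs.
const sample = [
  { state: 'Closed', subState: 'Fixed' },
  { state: 'Closed', subState: 'Fixed' },
  { state: 'Deferred', subState: 'Reason A', until: '2025-09-30' },
  { state: 'Deferred', subState: 'Reason B', until: '2025-07-15' },
];
console.log(rollUp(sample));
```

Running the same function over an exported list of VITs per RT is a quick way to spot tasks whose recorded state disagrees with what the table predicts.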
Roll-down behavior
When the state of a remediation task changes, the state is often propagated to the associated VITs unless overridden by manual updates or specific exceptions. The following table summarizes key roll-down scenarios where changes in remediation task (RT) state may affect the associated vulnerable item (VIT) state, based on precedence rules and special conditions.
| RT State | Condition | VIT State |
|---|---|---|
| Open → Under Investigation / In Review / Closed–False Positive | RT transitions to a non-final or non-actionable state | Mirrors RT state change (Open → <same state as RT>) |
| Open → Deferred (Sub-state: Reason Given) | RT deferred with a specified reason | Open → Deferred (Sub-state: Reason Given) |
| Open → Resolved | RT marked as resolved | Open → Resolved |
| Open → Closed–Cancelled / Closed–Fixed with Exceptions | RT closed without full resolution | Remains Open |
| RT1: Open → Under Investigation; RT2: Open | One RT moves to Under Investigation while another remains Open | Open → Under Investigation |
| RT1: Open → Under Investigation → Awaiting Implementation; RT2: Under Investigation | One RT progresses to Awaiting Implementation | Open → Under Investigation → Awaiting Implementation |
| RT1: Awaiting Implementation → Deferred; RT2: Awaiting Implementation | One RT deferred while another remains Awaiting Implementation | Awaiting Implementation → Deferred |
| RT1: Awaiting Implementation → Closed–Cancelled; RT2: Under Investigation | One RT cancelled while another is Under Investigation | Awaiting Implementation → Under Investigation |
| Open → Closed–Fixed with Exceptions | Mixed outcome: one VIT closed as fixed with exceptions, another remains open | VIT1: Open → Closed–Fixed; VIT2: Remains Open |
| Open → Resolved | Mixed outcome—one VIT closed as fixed and another resolved | VIT1: Open → Closed–Fixed; VIT2: Open → Resolved |
| Resolved → Open | RT reopens after resolution | VIT2 reopens; VIT1 remains Resolved |