CyberCNS has an ability to set up notification rules for remediations at different levels.
There are 3 types of notification rules that could be specifically set for remediation.
Remediation by Company
Remediation by Asset
Remediation by Product
Here the ticket is automatically raised in case a PSA (e.g ConnectWise, AutoTask, HaloPSA etc.) integration is already set and is chosen for notification rules. Tickets will have information based on the latest successful vulnerability scan and Ticketing Rules set.
If set at Company level menu, it will be applied to specific company under which it is set.
If applied at Global Level Menu, it will be applied to all the companies under the portal.
Remediation by Company:
This Notification Rule helps create a ticket for remediations listed by CyberCNS under the Remediation Plan section.
Here all the Application & OS Vulnerabilities which are listed under Remediation Plan will be added into a single ticket and their remediation status updates can be tracked on the same ticket.
This rule is useful to set if the interest is in tracking vulnerabilities changes at a company level.
Remediation by Product:
This Notification Rule helps create a ticket for remediations per product ( application or OS) listed by CyberCNS under the remediation plan section.
Here each product (Application & OS) listed under the remediation plan will have a different ticket. This ticket will include information like product name, fix version, affected assets & count of vulnerabilities with categorisation like Critical, High, Medium and Low.
e.g Putty as a product (application) will create a ticket into PSA for recommended remediations.
Updates on the status of the vulnerabilities fixed or increased can be tracked on the ticket.
This rule is useful to set if the interest is in tracking vulnerabilities changes at product (application/OS) level.
Remediation by Asset:
This Notification Rule helps create a ticket for remediations per asset as listed by CyberCNS under the remediation plan.
Every affected asset which is detected with vulnerabilities and listed under remediation plan will have a separate ticket. These tickets will hold information like, Asset name, Type of Vulnerability, Count of Vulnerability.
This rule is useful to set if the interest is in tracking vulnerabilities changes at asset level.