Open Ameston opened 22 hours ago
privateducky
commented
22 hours ago we were opening these by default last week, which also triggered any push notifications.
the only change we made recently was sending these to our automatic triage system before sending the push notifications. it's possible this is interfering with the push notifications or pushing the risk back into Triage state. @Ameston what are you seeing? I'll check the code on the backend.
Ameston
commented
22 hours ago I'm seeing that these are showing up in the 'Exposure Risks: Port' filter in the triage state with a Yes/No option to Open the Risk or Close the Risk
privateducky
commented
21 hours ago I'm seeing that these are showing up in the 'Exposure Risks: Port' filter in the triage state with a Yes/No option to Open the Risk or Close the Risk
Ok cool - that's expected.
I don't see any issue marking as open instead, updating now.
Ameston
commented
21 hours ago @privateducky Apologies, could we postpone that change until the completion of https://github.com/praetorian-inc/chariot-ui/issues/747 and https://github.com/praetorian-inc/chariot-ui/issues/746
Feature Description Customers/users can subscribe to alerts for protocol and port exposures. These exposures are high-fidelity and can be opened as risks with trivial verification from an MSP operator. As a result, service exposure risks should be auto-opened. Additionally, these service exposures should automatically send alerts through configured notification systems (regardless of severity thresholds; relevant conversation).
Problem Verification of service exposures is trivial and not scalable.
Preferred Solution Service exposure risks that customers subscribe to are automatically opened, and customers are notified (regardless of the info/low default severity of the open risk) through their configured communication channels.