Open zaa0777 opened 2 months ago
are the findings not transitioning to patched? w/in SC? is this a universal repo, or something else and what?
This is a regular repository In SC. I specifically deleted the hosts from the tenable repository, then started the sync again, but the issues with vulns were not closed. When we delete a hosts from the repository, all the vulnerabilities that were just simply deleted and do not become mitigated.
how are you deleting these assets?
by importing cleanup file(Clean_Up_IPs_Reference) to tenable scan
I got confirmation from our engineering team that SC wont necessarially mark those deleted findings as "patched". We can add a "resolve after X days" feature into the integration, however I'll have to investigate how to best accomplish this as it may require a bit of effort.
in order to support this, it would require some refactoring of the mapping database to handle auto-closing. just note that this may take a bit, but still working on it.
If for some reason the host is removed from tenable(sc) and information about active vulnerabilities is deleted. For example, a host is taken out of service and tenable no longer scan it, and after some time the results for this host are deleted automatically or manually from tenable, but we still have open issues in Jira.