SteveMcGrath
commented
2 months ago are the findings not transitioning to patched? w/in SC? is this a universal repo, or something else and what?
Open zaa0777 opened 2 months ago
SteveMcGrath
commented
2 months ago are the findings not transitioning to patched? w/in SC? is this a universal repo, or something else and what?
zaa0777
commented
2 months ago This is a regular repository In SC. I specifically deleted the hosts from the tenable repository, then started the sync again, but the issues with vulns were not closed. When we delete a hosts from the repository, all the vulnerabilities that were just simply deleted and do not become mitigated.
SteveMcGrath
commented
2 months ago how are you deleting these assets?
zaa0777
commented
2 months ago by importing cleanup file(Clean_Up_IPs_Reference) to tenable scan
SteveMcGrath
commented
2 months ago I got confirmation from our engineering team that SC wont necessarially mark those deleted findings as "patched". We can add a "resolve after X days" feature into the integration, however I'll have to investigate how to best accomplish this as it may require a bit of effort.
SteveMcGrath
commented
1 month ago in order to support this, it would require some refactoring of the mapping database to handle auto-closing. just note that this may take a bit, but still working on it.
If for some reason the host is removed from tenable(sc) and information about active vulnerabilities is deleted. For example, a host is taken out of service and tenable no longer scan it, and after some time the results for this host are deleted automatically or manually from tenable, but we still have open issues in Jira.