Cisco Vulnerability Management supports auto-closing vulnerabilities for all connectors with the exceptions of AppScan, the Kenna Data Importer, and a custom CSV. No setup is required. The connector analyzes which assets were scanned with which plug-ins to determine whether or not the asset is still vulnerable to specific vulnerabilities.
For the Kenna Data Importer (KDI), you can choose whether or not you want to use auto-closing. There is an option to skip auto-closing when configuring the connector. More can be found on that here: https://help.kennasecurity.com/hc/en-us/articles/360026413111-Kenna-Data-Importer-JSON-Connector-
Auto-closing vulnerabilities makes it much easier to track the state of your vulnerabilities over time. Once vulnerabilities are closed, they no longer affect asset scores and they do not appear in the Explore page by default. Closed vulnerabilities can still be found using the status = closed checkbox filter on the right-hand side of the Explore page.
Comments
Please sign in to leave a comment.