How to manage vulnerabilities?

I am wondering how to manage the vulnerabilities.

Can I see exactly how many new vulnerabilities appeared on a device?

Can I set markers or something similar on vulnerabilities, like “in progress”?
Across scans, if the same/marked vulnerabilities are found on a new scan, the information should be available in the new scan result.

With a large number of systems, this can otherwise become quite confusing.

If not on the community edition, does the enterprise version offer these functions?

Hey meredith,

  1. You can create delta reports to see what has changed since the last report.

  2. For tracking the solution status of vulnerabilities, you can use remediation tickets or, of course, use your existing project/ticket management tools.


@TreAtW
Thanks. The delta reports will certainly be very useful.

I need to see at a glance which vulnerabilities are being worked on and which (currently) cannot be fixed (with some note why).
Tickets and notes don’t seem to be the right solution?
The notes must be assigned to the scan task so that they are displayed directly on future scans.

There is a built-in functionality to define “Notes” for specific results:

https://docs.greenbone.net/GSM-Manual/gos-22.04/en/reports.html#using-notes

Is this something which could help?


Yes, the notes feature is helpful.

But I cannot filter out vulnerabilities with something like a marker.
It would be nice to have self-defined markers that I can filter by.

If a vulnerability has the note “currently not fixable” or some other info, I may not want to see it in the list.
The option “false positive” doesn’t sound right, but it’s the only way to filter out the data?

What I just noticed while testing is that if the report in which notes were made is deleted, the notes are still under Scans → Notes. However, the notes are not reassigned to a new scan task with the same IP and vulnerability. I also can’t see whether there is still a scan task for the note under Scans → Notes …?

Update:
I found the Administration → Trashcan folder.
If the task is completely deleted, the note is labeled as “Orphan”.

I guess that tags and overrides are the intended built-in features for filtering items or re-assigning them to severity classes in the way you describe.

However, I think there are a couple of problems. (1) Tags are supposed to be allowed for use in filters, but this feature has been reported to not work properly according to the documentation, and I have tested it and also find it's not working. (2) It would be nice if tags could be used in overrides, but they are not available as an option in the overrides object dialog.

See: tags can be applied to virtually any data object, including results, in Greenbone.

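The thread asks for two things Greenbone does not combine out of the box: the delta view (what is new since the last scan) and a self-defined status marker on each result that survives into the next scan and can be filtered on. The script below is an added example, not code from the thread or from Greenbone. It works on a delta report as returned by the GMP `get_reports` command with `delta_report_id` set (each `<result>` then carries a `<delta>` child of new/gone/same/changed, and with `details="1"` its `<notes>`), and it assumes a team convention of starting a note's text with a marker such as `[status:in-progress]` or `[status:not-fixable]`; that marker syntax, the host addresses, the result and note IDs and the NVT OIDs in the embedded sample are all constructed for the example. Results that carry a hidden status are kept in a separate list rather than dropped, so the "currently not fixable" items stay auditable without cluttering the work list.

```python
"""Offline triage of a Greenbone (GMP) delta report.

Added example, not code from the thread or from Greenbone. Assumptions:
  * the delta report XML came from a GMP <get_reports> command with
    delta_report_id set, so every <result> carries a <delta> child
    (new / gone / same / changed) and, with details, a <notes> block;
  * a status marker "[status:<word>]" at the start of a note's text is a
    team convention, not a Greenbone feature.
The sample report below is constructed for the example.
"""
import re
import xml.etree.ElementTree as ET
from collections import Counter

STATUS_RE = re.compile(r"\[status:([a-z][a-z0-9-]*)\]")

# Constructed GMP-style delta report (IDs, hosts and OIDs are made up).
SAMPLE_DELTA_REPORT = """<get_reports_response status="200" status_text="OK">
<report id="0d7e5c3e-0000-4000-8000-000000000001">
 <report id="0d7e5c3e-0000-4000-8000-000000000001">
  <results start="1" max="100">
   <result id="11111111-0000-4000-8000-000000000001">
    <host>192.0.2.10</host><port>22/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900001"><name>Constructed finding A</name></nvt>
    <severity>7.5</severity><delta>new</delta><notes/>
   </result>
   <result id="11111111-0000-4000-8000-000000000002">
    <host>192.0.2.11</host><port>443/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900002"><name>Constructed finding B</name></nvt>
    <severity>5.3</severity><delta>same</delta>
    <notes><note id="22222222-0000-4000-8000-000000000001">
     <text>[status:in-progress] ticket IT-42, patch scheduled</text></note></notes>
   </result>
   <result id="11111111-0000-4000-8000-000000000003">
    <host>192.0.2.12</host><port>80/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900003"><name>Constructed finding C</name></nvt>
    <severity>4.3</severity><delta>same</delta>
    <notes><note id="22222222-0000-4000-8000-000000000002">
     <text>[status:not-fixable] vendor appliance, no patch; host is firewalled</text></note></notes>
   </result>
   <result id="11111111-0000-4000-8000-000000000004">
    <host>192.0.2.10</host><port>445/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900004"><name>Constructed finding D</name></nvt>
    <severity>9.8</severity><delta>gone</delta><notes/>
   </result>
  </results>
 </report>
</report>
</get_reports_response>"""


def build_get_reports_command(report_id, delta_report_id):
    """GMP command asking gvmd for a delta between two reports."""
    cmd = ET.Element("get_reports", {
        "report_id": report_id,
        "delta_report_id": delta_report_id,
        "details": "1",  # required so each result includes its notes
    })
    return ET.tostring(cmd, encoding="unicode")


def parse_delta_results(xml_text):
    """Flatten each <result> into a dict with its delta state and the
    status marker found in its notes (None when no note carries one)."""
    root = ET.fromstring(xml_text)
    results = []
    for res in root.iter("result"):
        nvt = res.find("nvt")
        note_texts = [n.findtext("text", "") for n in res.iter("note")]
        status = None
        for text in note_texts:
            m = STATUS_RE.search(text)
            if m:
                status = m.group(1)
                break
        results.append({
            "id": res.get("id"),
            "host": res.findtext("host", ""),
            "port": res.findtext("port", ""),
            "oid": nvt.get("oid") if nvt is not None else None,
            "name": nvt.findtext("name", "") if nvt is not None else "",
            "severity": float(res.findtext("severity", "0")),
            "delta": res.findtext("delta", "same"),
            "status": status,
            "notes": note_texts,
        })
    return results


def triage(results, hide=frozenset({"not-fixable"})):
    """Counts per delta state, the work list (not gone, no hidden status,
    new findings first, then by severity), and the hidden results."""
    by_delta = Counter(r["delta"] for r in results)
    visible = [r for r in results
               if r["delta"] != "gone" and r["status"] not in hide]
    visible.sort(key=lambda r: (r["delta"] != "new", -r["severity"]))
    hidden = [r for r in results if r["status"] in hide]
    return {"by_delta": dict(by_delta), "visible": visible, "hidden": hidden}


if __name__ == "__main__":
    summary = triage(parse_delta_results(SAMPLE_DELTA_REPORT))
    print("delta counts:", summary["by_delta"])
    for r in summary["visible"]:
        print(f"{r['delta']:5} {r['severity']:4} {r['host']} {r['port']} "
              f"{r['name']} [{r['status'] or 'untriaged'}]")
    print("hidden:", [r["name"] for r in summary["hidden"]])
```

Against a live installation the XML would come from `build_get_reports_command()` sent over the GMP socket (python-gvm wraps the same command as `get_report(report_id, delta_report_id=..., details=True)`). One caveat that bears on the "Orphan" observation above: a note is re-applied to future results only through the scope it was created with, so a marker that should follow a finding across tasks belongs on the NVT (optionally restricted to hosts and port), with the task and result left unrestricted in the note dialog described in the linked documentation; a note bound to a specific task or result is what becomes an orphan when that task is deleted.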