×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
Helix Automation Console 19.11 Using

Risks

In BMC Helix Automation Console, risks refer to missing patches and vulnerabilities that are identified on assets.

Missing patches

When patch policies identify missing patches on assets, details about the missing patches are displayed on the Missing Patches page under Risks. Missing patches are identified only for assets with Windows or Linux operating systems.

Vulnerabilities

Vulnerabilities can be scanned by the vulnerability management systems such as Nessus, Qualys, and Rapid7. After identification, you can import the scan results into BMC Helix Automation Console and map the vulnerabilities to the remediation content. Imported vulnerabilities are displayed on the Vulnerabilities page under Risks.

In TrueSight Server Automation, remediation content can be BLPackages, NSH scripts, or patches. When connected to BMC Helix Automation Console, the vulnerabilities imported from a scan can include information for multiple operating systems if you have permissions to manage multiple operating systems in the system where you performed the scan. A single vulnerability can apply to multiple operating systems.

Auto-mapping process

When you import vulnerabilities from a scan, by default, BMC Helix Automation Console attempts to match the Common Vulnerability and Exposure (CVE) of a vulnerability to a CVE number associated with a patch. When you create a remediation operation, BMC Helix Automation Console creates a Patch Analysis operation for every patch catalog that is needed to perform remediation. If the same CVE number appears in multiple patch catalogs, the system attempts to map vulnerabilities to CVE numbers from patch catalogs to minimize the number of required Patch Analysis operations.

During auto-mapping, if a vulnerability with a CVE ID is mapped to multiple patch catalogs, and each catalog is for a different operating system, BMC Helix Automation Console can infer when a mapping constitutes an actionable vulnerability.

When a BMC Helix Automation Console user belonging to a security group performs auto-mapping, vulnerabilities with CVE IDs under only the logged in user's security group context are auto-mapped.

Manual mapping process

If some of vulnerabilities remain unmapped during import or during auto-mapping of new vulnerabilities, you can perform a manual mapping procedure. You can perform manual mapping for one vulnerability at a time.

When mapping manually, the remediation content can be BLPackages or NSH scripts.

Where to go from here

To view missing patches and vulnerabilities, and map vulnerabilities to remediation content, see Working with risks.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Nov 11, 2019

Comments

Log in or register to comment.

Working with assets
Working with risks
© Copyright 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.