Map Remediation to Vulnerability

The Map Remediation to Vulnerability page lets you map one or more remediation content items to a vulnerability selected on the Vulnerabilties page. For TrueSight Server Automation, remediation content can be any type of depot content, such as a BLPackage, software package, patch, or NSH script. For SCCM, remediation content can be patches, hotfixes, and other types of critical software updates from Microsoft.

This page describes the following capabilities:

Defining target rules

When managing vulnerabilities in TrueSight Server Automation or SCCM, you may want to map multiple remediation content items to the same vulnerability. Typically, this is necessary when different content is required for each operating system and architecture. On this page you can set up target rules that limit where remediation content is deployed. Content can only be deployed to targets that satisfy the rules you establish. For example, you can specify that content is only deployed to 64-bit Windows operating systems. You can set up multiple sets of target rules, one set for each remediation content item you select.

  1. Click Use Target Rules.
    A set of options appear that establish rules for deploying the package.
  2. In the row defining the rule, for the first field select any of the following:
    • OS–For example, Windows.
    • OS Platform–For example, x86_64.
    • OS Version–For example, 2008 R2.
    • OS Release–For example, 6.1
    • OS Vendor–For example, Microsoft.
  3. In the last field in the row, enter text as a criteria. Evaluation is based on whether a field contains the string you entered.
    For example, if you are specifying the Windows operating system, enter a string such as win. When evaluating targets, if the OS name contains the string win, the package is deployed there. 
  4. To add another rule, click Add Criteria. A new row appears. Use its fields to define an additional rule.
  5. Select the remediation package that should be deployed to targets according to the rules you have set up.
  6. To define another set of target rules for another remediation package, click . Then, repeat the previous steps.
    For example, the second set of target rules might apply to Red Hat targets (that is, OS contains RHEL). 

    Note

    To remove a set of target rules, click the X on the tab containing those rules.
     


Selecting remediation packages

Use this page to select one or more remediation content items that map to a vulnerability you selected on the Vulnerabilities page. 

Use the Search capability to find the remediation content that you want to map to the selected vulnerability. When you find a remediation content item, select it and click Save.

  1. Enter a text string in the Search text box and click Search
    Your text is matched against the names of any remediation content.
    Results of a search return the first 100 items.

     Click here to see examples.

    TrueSight Server Automation example:

    TrueSight Network Automation example:


    SCCM example:

  2. TrueSight Server Automation and SCCM onlyOptionally, use the filters at left to refine your search. In the example below, notice how the search filtered for BLPackages produces 5 results while the search shown above produces 13.
  3. Take one of the following actions:
    • TrueSight Server Automation and SCCM: Select an entry in the list of remediation content.
    • TrueSight Network Automation: Select one or more entries in the list of remediation content.

Was this page helpful? Yes No Submitting... Thank you

Comments