Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Remediation Workflow Automated Email Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates.

Published byMadelynn Gilstrap Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Remediation Workflow Automated Email Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates."— Presentation transcript:

1

2 1 Remediation Workflow Automated Email Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates

3 2 Remediation Workflow Automated QGIR (QualysGuard Integration with Reporting)

4 3 Sample Reporting Issue

5 4 QualysGuard tickets are grouped by QID in Reporting. This enables easy patching. To further ease the administrative burden we utilize the patch report to consolidate vulnerabilities. QGIR tracks metrics against all offices fairly. All participating offices are given the same time frame and opportunity to remediate vulnerabilities. Further rounds supersede existing tickets. All unresolved Reporting tickets from the previous round are marked incomplete and the remaining vulnerabilities will be included in the new round. Create the tickets into Reporting, a JIRA ITIL-aligned implementation. With Landesks ability to patch multiple hosts for the same vulnerability, it makes sense to group by QID. Store the vulnerabilities and associated Reporting tickets in a separate database to allow for proper verification. QualysGuard vulnerabilities of the same QID for the same office are assembled into a CSV containing pertinent information. QGIR Workflow – Issue Vulnerabilities

6 5 QGIR Verify Workflow QGIR verification will reopen all QGIR Reporting issues that still have vulnerable hosts. For example, lets say Site A had 2 QGIR tickets in Reporting, and each of those QGIR tickets had 10 vulnerable hosts. If one host in both QGIR tickets was not fixed for either vulnerability then both tickets will be reopened. QGIR will verify that all hosts in each ticket that was marked resolved has, in fact, removed the vulnerability.

7 6 QGIR Verify Workflow – Attachments

8 7 QGIR Verify – Decommissioned Hosts QGIR verification will reopen all QGIR Reporting issues that still have vulnerable hosts. Therefore, all QualysGuard remediation tickets associated with decommissioned hosts must be removed. Note the search by NetBIOS name is not an exact search. It will return remediation tickets containing the NetBIOS name. For example, a NetBIOS search of USNYSMITHGE1 will also return tickets associated with hostname, USNYSMITHGE11. Remove these false positives by parsing the resulting XML file. QualysGuard will not report a very real, but previously discovered vulnerability on a replacement host with the decomissioned IP/hostname. The ticket must be deleted.

9 8 Parag Baxi, CISA, CISM, CISSP, CRISC, PMP Employee, Qualys Senior Security Engineer, Ogilvy & Mather Architected ITIL-aligned worldwide VM QualysGuard implementation with heavy emphasis on automation, ROI and security best practices. Over 10 years of enterprise experience at UMDNJ, EDS, HP Enterprise Services (consultancy for The Federal Reserve Bank of New York), and Google. Advocate and active contributor of the Qualys community. Published open-source QualysGuard integration code. B.S. degree in Computer Science from Rutgers University. Thank you!

Download ppt "1 Remediation Workflow Automated Email Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates."

Similar presentations

1 Capability Set - Detail. 2 Common Content Problems Content Mayhem –File management and storage confusion Content Multiplication –Editing déjà vu - same.

1 Capability Set - Detail. 2 Common Content Problems Content Mayhem –File management and storage confusion Content Multiplication –Editing déjà vu - same.
September 2, 2013 VM Evolution via API Parag Baxi, Technical Account Manager.

September 2, 2013 VM Evolution via API Parag Baxi, Technical Account Manager.
Planning and Managing Information Security Randall Sutton, President Elytra Enterprises Inc. April 4, 2006.

Planning and Managing Information Security Randall Sutton, President Elytra Enterprises Inc. April 4, 2006.
Microsoft Office 4/16/2017 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Microsoft Office 4/16/2017 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Www.zetasoftwares.com DOCUMENT MANAGEMENT ZETA ERP.

DOCUMENT MANAGEMENT ZETA ERP.
ECM Base Compliance Input Messaging & Alert Compliance dashboard Compliance Monitoring Internal & External Audit Tracking Access Control Compliance & Financial.

ECM Base Compliance Input Messaging & Alert Compliance dashboard Compliance Monitoring Internal & External Audit Tracking Access Control Compliance & Financial.
GLOCO – Integrated Corporate Portal Final Presentation Presented by Team 3 1 Team 3 Members: Joyce Torres Kenneth Kittredge Pamela Fisher Ruzhena Saltisky.

GLOCO – Integrated Corporate Portal Final Presentation Presented by Team 3 1 Team 3 Members: Joyce Torres Kenneth Kittredge Pamela Fisher Ruzhena Saltisky.
Is Your IT Out of Alignment? Chargeback and Billing with Parallels Automation Brian Shellabarger, Chief Architect - SaaS.

Is Your IT Out of Alignment? Chargeback and Billing with Parallels Automation Brian Shellabarger, Chief Architect - SaaS.
Microsoft Office Access 2007 A rich client for Windows SharePoint Services 3.0 Mark Bower Senior Consultant Microsoft UK

Microsoft Office Access 2007 A rich client for Windows SharePoint Services 3.0 Mark Bower Senior Consultant Microsoft UK
Content Management and Process Automation Presented by Mark Chambers SE Regional Manager Document Imaging Solutions, Inc.

Content Management and Process Automation Presented by Mark Chambers SE Regional Manager Document Imaging Solutions, Inc.
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Secure Search Engine Ivan Zhou Xinyi Dong. Project Overview  The Secure Search Engine project is a search engine that utilizes special modules to test.

Secure Search Engine Ivan Zhou Xinyi Dong. Project Overview  The Secure Search Engine project is a search engine that utilizes special modules to test.
Enterprise Sense PACS System. www..kinsolutions.in Contents PACS Server Modality Worklist Server Online PACS Adnministration DICOM File Importer DICOM.

Enterprise Sense PACS System. Contents PACS Server Modality Worklist Server Online PACS Adnministration DICOM File Importer DICOM.
Online Search Marketing OMI Certification Course – Discovery Documentation.

Online Search Marketing OMI Certification Course – Discovery Documentation.
Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.

Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.
What is BAM?. :Contents *Definition *Description *Goals and benefits *BAM Applications *BAM components.

What is BAM?. :Contents *Definition *Description *Goals and benefits *BAM Applications *BAM components.
1 Talal Abu Ghazaleh Information Technology International (TAG-ITI)

1 Talal Abu Ghazaleh Information Technology International (TAG-ITI)
What’s New in Sage SalesLogix V7.5.2. Release Overview Sage SalesLogix v7.5.2 focuses on: −User Enhancements streamline the user experience furthering.

What’s New in Sage SalesLogix V Release Overview Sage SalesLogix v7.5.2 focuses on: −User Enhancements streamline the user experience furthering.

Similar presentations

Ads by Google