R Y S K V I E W

Please Wait For Loading

Preloader Loading Cancel.

How Can We Help?
< All Topics
Print

POAM Task Queue

Posted
Updated
BySundiata Daniel

Overview

Home screen containing POAM Actions, or vulnerabilities, assigned to you in which you can:

  • Review findings and assets affected
  • Upload artifacts
  • Enter mitigations
  • Add and edit milestones and Scheduled Completion Date
  • Send findings through the workflow
Graphical user interface, application Description automatically generated

Task Queue features

Vulnerability ID Information

Click Vulnerability ID hyperlinks for detailed information (e.g., possible solutions, fixes, or checks). You may be directed to the Tenable website or information may appear in a popup.

The icon indicates an attachment has been uploaded for the vulnerability. Click the icon to view the attachment popup. Click the hyperlink(s) to view the attached document(s).

Graphical user interface, text, application Description automatically generated

Log Work

Status options may not be available to all users/roles. For example, only the user at the end of a workflow may change the Status to a “Terminal Status”. Terminal Status marks the END of a workflow. These include False Positive, Risk Accepted, and Closed.

Expanded Asset View

Click > or Asset(s) hyperlink for an expanded view of detailed information shown across six tabs. 

The Details tab provides vulnerability details imported from, and limited to, data from source scan file.

Click Upload File to attach documents (permitted attachments are Microsoft Office files, pdf, jpeg, png, and txt). Attachments are listed as a hyperlink and can be viewed in a browser window or downloaded. You may also delete attachments.

The first and second columns in the POAM Task Queue are labeled:

  • Total Assets: Total number of assets that have been added to the POAM. This includes both remediated and unremediated assets. 
  • Remaining Assets: Number of unremediated assets that remain vulnerable, based upon the most recent scan.

The Assets tab lists the assets that remain vulnerable from most recent scans and those that have been closed/remediated (indicated by strikethrough). You can Hide or Show Closed Assets within the Assets tab. Asset information may include Hostname, IP Address, MAC Address, and Ports. 

The Milestones tab lists the significant steps in the process that have been or will be completed. Information includes a description and complete date.

Each Assignment has a Scheduled Completion Date (SCD). The SCD will automatically default to the latest milestone date documented.

Likewise, each Action has a SCD that is automatically determined by the latest SCD of the assignment(s).

The Mitigations tab allows you to enter any security controls or mitigations that will provide context to reduce the risk of the vulnerability.

Mitigations entered at the System level will appear in the Mitigations tab.

The Workflow tab provides a visual representation of the users/user groups that make up the default workflow for the vulnerability as defined by the POAM Type. 

The Workflow details include dates, assignees, comments, actions, and checkboxes to indicate whether the actions are complete.

Table of Contents

Contact Us

10411 Motor City Drive
Suite 685
Bethesda, MD 20817

(410) 696-1680

info@ryskview.com

©  Ryskview, LLC