Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request #236

Open
DaSein9 opened this issue Oct 3, 2022 · 0 comments
Open

Feature request #236

DaSein9 opened this issue Oct 3, 2022 · 0 comments

Comments

@DaSein9
Copy link

DaSein9 commented Oct 3, 2022

Can we get remediation reporting that talks about patches, configurations and/or software currency instead of vulnerabilities?

Fact is, nobody outside of security cares about vulnerabilities. In fact vulnerabilities are just the symptom of a faulty underlying service. VM is oversight on patch management, configuration management, and software currency. It would be fantastic to get remediation reports that tell them what patch, etc. the remediation team needs to do to fix it. The remediation recommendation behind the scenes provides priority based on vulnerability, but the remediation team doesn't need to know that. In fact installing a patch is often a many to one solution, where the patch will fix many vulnerabilities or varying severities. But as long as the urgent one is addressed the others are a matter of convenience. To be effective security needs to speak the common language of IT since they are the most common recipients of our outputs. Can we stop navel gazing an engage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant