| Table of Contents |
|---|
...
Tenable SecurityCenter is an enterprise vulnerability management tool that UCI has purchased to expand our vulnerability management initiative campus-wide. SecurityCenter is being offered as a self-service tool that systems administrators, management and business owners can use to track the vulnerability status of their systems as well as track the mitigation progress.
...
If you are unable to remediate a vulnerability but there are other measures in place to lower the risk, you can choose to click the "Recast Risk" button from the vulnerability detailed screen. This will pop out a new screen where you can change the vulnerability to a new severity level and add a comment regarding why you are changing the severity level. You can then choose to apply this to one or multiple hosts with that vulnerability. Once you recast this risk it will be re-classified on reports and placed in a repository of recast risks with the name of the user who submitted itcan submit a request in ServiceNow to recast the risk or email your request to security-vmp@uci.edu.
Recast Risk Example: A high vulnerability is found on a system regarding FTP, however to get into that system you have to use VPN and multi-factor authentication and the system only allows users with appropriate access into the system. There are several layers of protection here that would make it very difficult to exploit. Therefore you might can submit a request in ServiceNow to recast the risk from a "high" to a "medium".
Basic Reporting
...