Tickets are used to track efforts to review, analyze, and deploy remediation and prevention steps associated with specific vulnerability instances. The Tickets section of a vulnerability lists the tickets associated with the instance.
Tickets have an associated workflow. Vulnerability resolution tickets are related to their vulnerability instance. The status of the ticket corresponds to the current stage of the workflow. The workflow and its stages can be customized to suit specific requirements, but typical ticket workflow stages include:
New
In Progress
Review
Closed
Closed via Exception
The Tickets page.
The disposition field affects the workflow while editing a ticket. Set the disposition to Escalate or Exception or customize the set of disposition choices.
Ticket updates can change the ticket disposition. You can also select a disposition that will not generate escalations. However, changing the ticket disposition does not automatically close the ticket or prevent a closed ticket from being reopened.
Tickets also have an Exception Expiration field. If you specify a date in this field, the system will send an email to ticket stakeholders when the ticket is overdue. The email template used for this notification is specified in the property ticket.exception.expired.notification.template.
Ticket escalation templates can be specified by priority using the system property: com.agiliance.ticket.escalation.template with a value such as "high, Default Ticket Escalation Template; medium, Default Ticket Escalation Template".
Relevant system properties include:
- vulnerability.status.exception: Names the exception status for all vulnerabilities; and
- vulnerability.status.cannot.overwrite: Names the exception status that cannot be further modified by a scanner or other source reporting the same vulnerability instance again.
The Tickets tab of a vulnerability.
Tickets are associated with a vulnerability instance. Ticket email templates can contain the vulnerability title and description. To append vulnerability information in the notification that you send to stakeholders, use the objectgetAttachmentVulnerabilities() to specify the following html code in the email template.
#set($vulnerabilities= $ticket.getAttachedVulnerabilities())
#foreach($v in $vulnerabilities)
Vulnerabilities: $v.getCaption()
#end
$ticket.getAttachedVulnerabilities()
