Approving a Severity Update

How to approve a severity update request in RiskSense.

The severity update workflow provides organizations with the ability to update a vulnerability’s severity based on their own environment’s needs. The RiskSense platform provides an option to change a vulnerability’s severity using the Severity Update (SU) workflow.

Only managers and group managers can approve severity update requests.

To approve a severity update request, go to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to approve a severity update using the Network > Host Findings page.

Host Findings Menu Location-2

Select the severity update request findings you want to approve by clicking the check box in the page’s first column. You may select several vulnerabilities at a time for approving severity updates. If you are having trouble finding severity update requests, see Filtering for Severity Update Requests.

Severity Update Approve - Selecting Host Findings

Click the Workflow button.

Severity Update Approve - Workflow Button Location

In the Workflow drop-down menu, click Approve under the Severity Update category. This option can be used for single and multiple vulnerabilities.

Severity Update Approve - Approve Severity Update Menu Location

You may also select a single vulnerability and right click the line item to select workflow options from the pop-up menu. Note that using the right-click option only works for a single row, as designated in the screenshot below.

Severity Update Approve - Approve Severity Update Right Click Menu Location

Clicking Workflow > Severity Update > Approve brings up the Approve Severity Update window.

Severity Update Approve - Approve Severity Update Window

The following list describes the fields that appear in the Approve Severity Update window.

  • Severity: The new severity requested.
  • Expiration Date: Date the severity update should expire. If the date is blank, the severity update will not expire. You may enter your own expiration date or select one of the presets underneath the expiration date field.
  • Override Expiration Date: If the requester submitted an expiration date on the severity update and you want to modify it, you must change the expiration date and click this check box.

Once the form is complete, click Submit. Once a manager approves a severity update, an icon appears next to the vulnerability’s severity denoting the severity update approval, as shown below.

Severity Update Approve - Approved Severity Update Icon