Requesting a Severity Update

How to submit a severity update request in RiskSense.

The severity update workflow provides organizations with the ability to update a vulnerability’s severity based on their own environment’s needs. The RiskSense platform provides an option to change a vulnerability’s severity using the Severity Update (SU) workflow.

To submit a severity update request, go to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to submit a severity update using the Network > Host Findings page.

Host Findings Menu Location-2

Select the finding(s) you want to update the severity for by clicking the check box in the page’s first column. You may select several vulnerabilities at a time for severity update.

Severity Update Request - Selecting Host Findings

Click the Workflow button.

Severity Update Request - Workflow Button Location

In the Workflow drop-down menu, click Request under the Severity Update category. This option can be used for single and multiple vulnerabilities.

Severity Update Request - Severity Update Request Menu Location

You may also select a single vulnerability and right click the line item to select workflow options from the menu. Note that using the right-click option only works for a single row, as designated in the screenshot below.

Severity Update Request - Severity Update Request Right Click Menu Location-1

Clicking Workflow > Severity Update > Request brings up the Request Severity Update window.

Severity Update Request - Request Severity Update Window

The following list describes the fields that appear in the Request Severity Update window.

  • Description: Description of the severity update.
  • Reason: Reason why the vulnerability needs a severity update.
  • Severity: The new severity requested. Can be a value from 1-10.
  • Expiration Date: Date that the severity update should expire. If the date is blank, the severity update will not expire. You may enter your own expiration date or select one of the presets underneath the expiration date field.
  • Drag Files Here: Allows users to upload documents or images supporting the severity update request.

Once the form is complete, click Submit. Once a user requests a severity update, an icon appears next to the vulnerability’s severity denoting the severity update request, as shown below. The severity update request is then sent to a group manager or manager to either approve or reject the request.

Severity Update Request - Severity Update Requested Icon