How to send a severity update request back to the user for rework.
The severity update workflow provides organizations with the ability to update a vulnerability’s severity based on their own environment’s needs. The RiskSense platform provides an option to change a vulnerability’s severity using the Severity Update (SU) workflow.
Only managers and group managers can send severity update requests back to users for rework.
To rework a severity update request, go to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to rework a severity update using the Network > Host Findings page.
Select the severity update request findings you want reworked by clicking the check box in the page’s first column. You may select several vulnerabilities at a time for reworking severity updates. If you are having trouble finding severity update requests, see Filtering for Severity Update Requests.
Click the Workflow button.
In the Workflow drop-down menu, click Rework under the Severity Update category. This option can be used for single and multiple vulnerabilities.
You may also select a single vulnerability and right click the line item to select workflow options from the pop-up menu. Note that using the right-click option only works for a single row, as designated in the screenshot below.
Clicking Workflow > Severity > Rework brings up the Rework Severity Update window.
In the provided text box, enter the reason for reworking the severity update request. Once complete, click Apply.
When a severity request is reworked, an icon appears next to the vulnerability’s severity denoting the severity update rework, as shown below.