This article will provide an overview of Update Remediation by Assessment how to initiate it and its functionality
Update Remediation by Assessment (URbA) is a function that compares the last two assessments in which a given asset has been found. If a vulnerability was found in an initial assessment for a given asset and a subsequent scan no longer shows that vulnerability on the asset, running URbA marks that vulnerability as RM Approved by Scan and is considered closed. Likewise, if a vulnerability has been marked as Approved using the manual remediation process but is still found in the next scan, running URbA puts that vulnerability into the RM Reworked by Scan state and is considered open. Findings in the Risk Acceptance (RA) or False Positive (FP) workflows are not affected by URbA.
Only managers and group managers can run URbA
To run URbA, navigate to the either the Network > Hosts or Application > Applications pages. For this example, we will use the Network > Hosts page.
Select assets to compare by clicking the check box in the page’s first column. You may select from one to all assets within a client.
Click the More button. In this drop-down menu, click Update Remediation by Assessment.
A confirmation notification will appear on the screen describing the URbA process. Click Continue to finish.
Once clicked, a snackbar notification appears at the bottom of the page stating that the remediation process has started.
NOTE: The process is identical for web applications, except you would navigate to Application > Applications to initiate the process instead of Network > Hosts.