There’s a built-in ticketing system in NormShield. Figure 1 shows the list of vulnerabilities interface shown when Vulnerability->Vulnerability List sub menu is opened. The Operations section includes a list of defined users and groups for the company and an Assign button next to it. So administrators can assign defined users or groups to one or more vulnerabilities.
Note: Please check out Take Ownership flow article for the vulnerability assignment rules of built-in ticketing.
Figure 1 - The list of vulnerabilities and user/group assignment operations
If the NormShield is integrated with Active Directory, then there's a more flexible way of defining users and then assigning vulnerabilities to them in a matter of seconds. As shown below after selecting the related vulnerabilities, typing the username or display name of the responsible user defined in Active Directory but not in NormShield will be enough to query the AD. Typing the first three letters is a must, and Active Directory query can be made more elastic through Active directory integration interface.
When the Assign button is clicked the selected user will be first created in NormShield and then the selected vulnerabilities will be assigned to him/her.
The assigned vulnerabilities will be visible to the owners when they login to NormShield with their username and passwords.
Owners can only change status of a vulnerability they own to one of Recheck, FalsePositive or Accepted. Only NormShield through the automatic scans or administrators can change the status of a vulnerability to Closed.
When the ticket-assigned users are allowed to determine a re scan in order to validate their mitigations against the assigned vulnerability, then they can plan a re scan with the same scan policy by selecting a re scan date shown below along with an optional comment line for any description.
Owners or administrators can transfer or write comments to their vulnerabilities as shown in Figure 2 by using the Ticket Activity tab through Transfer or Comment buttons.
Figure 2 - Built-in ticket operations in vulnerability panorama interface