Create a Pull Request for an Issue

When code changes cause issues, Tenable Cloud Security makes the required fixes in the code and raises a pull request for the changes. When the pull request merges with the main repository, Tenable Cloud Security no longer reports the issue.

Note: Tenable Cloud Security can create pull requests only for the native IaC resources.
Note: You cannot create a single pull request for multiple violations. Create a separate pull request for each violation.

To create a pull request for an issue:

  1. Access Tenable Cloud Security.
  2. In the left navigation bar, click Findings.
    The Vulnerabilities page appears.

  3. Click the Misconfigurations tab.

    The Misconfigurations page shows the failing policies and the number of impacted resources along with other details.

  4. Do one of the following:

    • Select the required failing policy to view its details.

    • Use the Search box to search and select a specific failing policy.

    • Use the following filters to filter and select a specific failing policy:

      Filter Description
      Projects Filters failing policies by projects.
      Cloud Filters failing policies by cloud accounts.
      Repositories Filters failing policies by repositories.
      Severity Filters failing policies by the severity of the failing policy.
      Violations Filters failing policies by policy groups
      Source Type

      Filters failing policies by IaC or Cloud.

    • The policy details pane appears.
  5. In the Impacted resources section, hover over the impacted resource that you want to remediate and click >Create a pull request.

    Use the following filters to select the impacted resources:

    Filter Description
    Resource type Filters the impacted resources by resource types.

    Filters the impacted resources by IaC or Cloud.

    Note: You can create pull requests only for IaC resources.
    Inference Filters the impacted resources by inference.

    The Remediation window appears.

  6. In the Remediation window, do the following:

    1. (Optional) In the Title box, modify the title for the pull request.

      By default, the policy name is provided the title of the pull request.

    2. (Optional) In the Description box, modify the default description for the pull request.

    3. In the Reviewers drop-down box, select a reviewer to review the changes before merging the change request with the main repository.

    4. In the Source Branch box, type the source branch.

    5. In the Destination Branch drop-down box, select the destination branch.

    6. In the Secure Value box, verify that the value displayed is correct.

      The Configuration Key box displays the actual mismatched key and the Current Value box displays the value that you must replace.

    7. Click Preview Changes to view the changes.
      The Changes window appears.

    8. Click X to close the Changes window.

    9. Click Create a PR.

  7. Tenable Cloud Security displays all pull requests raised for the issues on the Remediate > Fix PRs page. The Status column displays the current status of the PR.