Create an Exposure Response Initiative

Required User Role: Administrator

In the Exposure Response section, you create initiatives, which are projects to address vulnerabilities in your environment. In initiatives, you track specific findings using combinations and apply asset tags to choose the assets in scope. You can then assign initiatives to your team, set SLAs (Service Level Agreements), generate tickets in Jira, and track progress using remediation scan results. Ticket statuses are bi-directional and therefore update dynamically between Tenable Vulnerability Management and the selected ticketing system.

Example Initiative

To address recently exploited vulnerabilities on your Headquarters network, you might create an initiative as follows:

  • Name — Recently exploited vulnerabilities at HQ

  • Asset Scope — Network: HQ

  • Owner[email protected]

  • Remediate Within — 7 days

  • Combinations — Category is equal to Recently Actively Exploited AND VPR is greater than 6

Before You Begin

Before you create an initiative:

  • Create asset tags — Initiatives use asset tags to define the assets in scope. Create any asset tags you plan to use for your initiative.

  • (Optional) Create custom combinations — If you plan to use custom combinations, create them via the Manage Combinations tab.

  • Configure the appropriate ticketing system for use with Tenable Vulnerability Management:

Create a New Initiative

To create an initiative based off of a finding:

  1. In the left navigation, click Menu Exposure Response.

    The Exposure Response page appears. By default, the Initiatives tab is active.

  2. In the My Initiatives section, click the button.

    The Create an Exposure Response Initiative pane appears.

  3. On the Basic Setup tab, configure the following options:

    Option Description
    Name (required) Type a name for the initiative.
    Description Type a description for the initiative, for example Reduce my external attack surface.
    Owner

    Select the initiative owner from a list of [MadCap Variable: Tenable.VulnerabilityManagementStandalone] users. You cannot reassign initiatives once you create them.

    Note: Only administrators and initiative owners can view initiatives.
    Asset Scope (required) Choose up to ten tags to define which assets in your environment are in scope. Search for and select tags to assign, for example Priority: High or Software: Oracle.
    Remediate Within (SLA) (required) Choose an SLA, in days, by which all findings require remediation. For example, to set an SLA of one week, enter 7.
    Assign Combinations

    Select up to ten combinations from the available tabs:

    • My Combinations — Your personal combinations, which only you can view. You cannot assign personal combinations to initiatives you do not own.

    • Shared — Organization-wide combinations, which anyone can view or use, and which your administrators and the combination owners can update. Track updates in the Combination Timeline.

    • Tenable — Predefined combinations from the Tenable Research Team. These may be updated infrequently, which can change the resources in your initiatives. Track updates in the Combination Timeline.
  4. Click the Ticketing Automation tab.

    The Setup Delivery Methods appear.

  5. Do one of the following:
    • To configure Jira ticketing automation:
      1. Click Jira.
        Note: You must first configure Jira for use with Tenable Vulnerability Management. For more information, see Configure Jira.

        Jira ticketing configuration options appear.

      2. Configure the following options:

        OptionDescription
        Ticket Aggregation Behavior

        Select how you want Tenable Vulnerability Management to aggregate tickets for the finding:

        • New ticket for every new finding — Every time a finding appears, a new ticket gets created in Jira.

        • New findings create subtasks on an existing ticket — Every time a finding appears, a subtask gets created on an existing Jira ticket.

        Existing Jira Ticket (optional)

        Select the existing Jira ticket from the drop-down list.

        Note: You see this option only if you choose New findings create subtasks on an existing ticket.
        Project

        The Jira project in which you want tickets to be created.

        Important: You must have at least one Jira project for the configuration to function as expected.
        Work TypeThe specific type of issue created, for example, Story, Task, or Bug.
        SummaryThe Jira Summary combines the finding name, asset name, and this text to create a descriptive ticket title.
        DescriptionA detailed explanation of the issue, context, and steps to reproduce (if applicable).
        Priority

        The relative importance or severity of the issue. Default value: Default Mapping.

        Note: Leave this set to Default Mapping to allow the priority to be set by the finding severity based on your Jira instance configuration. For more information about overriding this severity, see Configure Jira.
        ReporterThe user who created the issue and submitted it to the project.
        AssigneeThe user to which the ticket or subtask is assigned in Jira.
        ParentThe larger issue (for example, an Epic) under which the current item is nested.
        Labels

        Custom tags you want to apply to the ticket for flexible categorization and filtering.

  6. Click Save.

    The initiative appears in the My Initiatives panel. It can take up to 10 minutes to see the updated ticket information in both Tenable Vulnerability Management and the selected ticketing system.