Vulnerability Management for Asset Owners

Assign owners to your assets so that your discovered vulnerabilities are assigned to the asset owners. The assigned vulnerabilities are assigned with a due date, which is calculated based on the risk level of the vulnerability.

You must have the correct license capabilities to perform the following scanning operations. If you need assistance to obtain a new or updated license key, contact your Juniper Customer Support.

Configure the remediation reports that you want to send to asset owners, by highlighting the following information:

• The patches that they need to install.

• The steps that are required to remediate the vulnerability.

• The assets that have overdue vulnerabilities.

• New vulnerabilities that were discovered since the last scan.

The standard remediation reports are available on the Email tab of the Scan Profile Configuration page. You can create extra customer reports by using JSA Vulnerability Manager searches.

From the Reports tab, you can create a vulnerabilities report, and assign this report to a scan reports group. You can configure recipients for this report in a scan profile, which can be seen in the Available Reports window of the What to Email tab on the Scan Profile Configuration screen.

Use search criteria to ensure that your reports focus on the vulnerability remediation activities that you require to meet your specific business and compliance needs.

To make remediation report creation easier, use JSA Vulnerability Manager to automatically create asset vulnerabilities and vulnerability reports for each asset owner from a single report definition.

When assets are rescanned, any remediated vulnerabilities are automatically detected and flagged as fixed. They are removed from reports and views, unless they are explicitly configured otherwise. Any vulnerabilities that were previously fixed and are detected again are automatically reopened.