- How do I get my system(s) scanned?
- How can I review the results of my vulnerability scans and get info on what issues need remediating?
- How often are scans completed, data updated, and reports run?
- I don't get a vulnerability report today and would like to, or need changes made to an existing one. How do I do that?
- A server I manage is being decommissioned, what should I do?
- I believe one of my reported vulnerabilities is a false positive, how do I get this addressed?
- My reports and/or dashboards don't show the right systems, how can I get this fixed?
How do I get my system(s) scanned?
Submit scan requests to InfosecVulnerabilityManagement@UR.Rochester.edu and include the server hostname, IP, and name of the team who is or will be responsible for maintaining it.
How can I review the results of my vulnerability scans and get info on what issues need remediating?
Scan results are stored within SecurityCenter.rochester.edu and users can sign in with their AD credentials to view them. Teams can see vulnerabilities and their SLA status on ScalrVM, a dashboard managed through Power BI. If you don’t have access to either of these, email InfosecVulnerabilityManagement@UR.Rochester.edu to request account setup.
How often are scans completed, data updated, and reports run?
Vulnerability scans are generally done each weekend, with results available by Mondays at 7am. Within the ScalrVM dashboard, any new results are pulled in each night so it should accurately reflect the most current scan results. Vulnerability Reports are sent monthly, generally on the 2nd Tuesday, and can be either PDF or CSV format.
I don't get a vulnerability report today and would like to, or need changes made to an existing one. How do I do that?
The Vulnerability Management team is happy to assist with these requests, send an email to InfosecVulnerabilityManagement@UR.Rochester.edu with details or, if you feel a conversation would be easier, ask us to setup a meeting to discuss.
A server I manage is being decommissioned, what should I do?
Open a ticket with the Help Desk and have them include notification to the Vulnerability Management team. Once we receive it, we will mark the host as “decommissioned” and vulnerabilities will be purged from our platforms within a week.
I believe one of my reported vulnerabilities is a false positive, how do I get this addressed?
Open a ticket with the Help Desk to be assigned it to the Vulnerability Management team, and include:
- What system(s) and services/ports were detected as vulnerable
- Evidence that the issue is a false positive, such as a screenshot of the installed software version or relevant configuration.
-
-
My reports and/or dashboards don't show the right systems, how can I get this fixed?
Email InfosecVulnerabilityManagement@UR.Rochester.edu with the hostname(s) and IP(s) that need to be added or removed, and we will make the changes needed to reflect that.