Remediate high risk vulnerabilities
The Highest risk vulnerabilities chart on the Remediate dashboard gives you visibility of the most serious vulnerabilities affecting your system.
To remediate a high risk vulnerability:
On the Remediate Vulnerabilities
dashboard Vulnerability overview tab, click the
Critical (or High if
Critical does not exist) segment in the
Criticality breakdown chart.
Tip: Alternatively, select the appropriate criticality level from the filter drop-down menu at the top of the Vulnerabilities table. You can also sort the Vulnerabilities table by Risk score to discover the highest risk vulnerabilities.A list of critical vulnerabilities appears in the Vulnerabilities table.
- Select the vulnerability you want to remediate in the Vulnerabilities table.
On the Vulnerability detail page, review the analysis
and remediation information that is displayed for the selected
- The Analysis section provides you with information on the nature of the vulnerability and the threat it poses.
- The Remediation section gives practical information on the remediation task you need to carry out to block the threat (where provided by your vulnerability scanner).
In the Nodes affected table, select the nodes to
which you want the remediation task to apply.
If Remediate does not have the credentials to apply a task to a node, it is not selectable in the Nodes affected table.
- Click Run Task.
On the Select a task page, choose the task you want to
Note: You can only run tasks that are available on all the nodes you selected.
- For Puppet Enterprise nodes only, choose the environment where you want the tasks to run in the Environment column.
- Click Select this task to proceed.
- On the Configure task page, configure the task as required. Instructions on remediation for the selected vulnerability are visible on this page. Click Confirm details when you are done.
On the Select credentials page, select the credentials
that allow you to run the task on the selected nodes, and click
Note: If you are running the task solely on nodes where Puppet Enterprise is installed, the Select credentials page is skipped entirely. Credentials are not needed for PE nodes.
On the Review and run task page, verify that the task
summary information is correct, and click Run
A confirmation message appears at the top of the page, confirming that the task type that is now running and how many nodes it affects.Tip: To view the status of the task run, on the left hand pane, click Latest events.Note: The changes made by the task if successful are only reflected here after your next security scan, so don’t worry if you see no updates at this point.