These high-level steps show a typical finding workflow from creation to validation.
Use this workflow as a general guideline to manage project findings. Depending on the project type and the number of findings, you might not need to perform all of these steps in this order. For example, with small application testing projects, you might not have any need to correlate findings.
- Import data to Resolve and add findings to the workspace. During the data import, findings are automatically correlated in Resolve.
- Begin reviewing findings in the workspace finding tree. Consider prioritizing findings with the highest severities on assets that are most critical to your organization. If you're following a project checklist, the order of the checklist items might determine which findings to review first.
- Begin verifying findings. Verification is the process of determining if a vulnerability exists in the environment as reported, as opposed to being a false positive. Update finding verification information with proof that the vulnerability exists.
- Correlate findings and update master finding information as needed. Correlation links the same type of findings to the same master finding regardless how the finding was found, either manually or from different tools. If you're not authorized to perform this functionality, submit a request with the appropriate team member or manager.
- Update reviewed findings with the proper state. Mark verified findings asĀ final.
- If you use Track, publish findings that are ready for the remediation workflow.
- After findings have been remediated, you might need to retest and validate that the vulnerabilities have been fixed.