Prioritization Workflow

A High-Level Overview of the Workflow

Step-by-Step Instructions

1. Navigate to Risk Management > Risk Workbench .
2. Click Start Prioritizing.

3. Define Scope:
   Define scope to enable you to set the business context and drive prioritization:

   • Click the desired business entity/entities.
     
     OR
   • Click Choose Tags Instead to use asset tags for the prioritization scope.
     Show me the steps to add asset tagsShow me the steps to add asset tags
     1. Click Choose Tags Instead. The Select Tags dialogue box appears.
     2. Select the desired tags and then click Add Tag.

     
     

4. Click Proceed.

5. Filter Findings:

   Decide the prioritization approach to discern and filter the findings requiring immediate attention. To do this effectively, structure the approach based on certain  filters :
   • Select the system-defined template(Highest Risk Reduction) with default filters. 
     
     OR
   • Create a custom template.
     Show me the steps to create a custom templateShow me the steps to create a custom template
     1. Click Let Me Decide.
        
         
     2. The Filters page appears with three different types of filters:
        • Common Attributes: These filters  are common across both the finding types (vulnerabilities and misconfigurations)
        • Vulnerabilities: These filters are only applicable to vulnerabilities.
        •  Misconfigurations: These filters are only applicable to misconfigurations.
     3. Expand each filter type and then drag and drop the desired filters to build your custom template.
     4. Click Add.
     5. Click Save as Template if you desire to save this custom template for future use.
     6. In the Save Filter As A Template dialog box, enter the Name and Description of the template and click Save.
        
        
     7. The saved template appears on the Select Prioritization Approach page.

      

6. Start Prioritization:

   Click Prioritize Now.

7. View Findings

   The prioritized findings data appear.
   
   

8. Take Actions on Prioritized Finding List:

   • Filter Using Group By:

     If desired, you can further filter these findings using various Group By options. To do so, click Group By, and use any one of the specified options to group and filter the findings further.
   • Download Findings in CSV Format:
     If desired, you can download these findings in CSV format. To do so, click the ellipsis near Save Plan at the top right corner and then click Download Report as CSV.
   • Save Prioritization Plan:
     i) Click Save Plan if you want to save the prioritization scope, findings, and filters for future use. 
     
     ii) In the Save Prioritization Plan dialog box, enter the name and description of the plan and then click Save.
     
     
     
     iii) The saved plan appears on the prioritization listing page on the Risk Workbench tab:
     
     

     To start prioritization using this plan in the future, simply select the plan and then click Run Now (click  >Quick Actions>Run Now)