Create Mitigation Job

You can create mitigation job for the vulnerabilities of the respective asset. The QID may contain one or more CVEs and each CVE has associated Qualys Detection Score (QDS) score.

Navigate to the VMDR > Vulnerabilities tab and select the QID to mitigate. From the Quick Actions menu, click View Risk Elimination. You are redirected to the Mitigation > Eliminations tab. Click Mitigate Now. 



On the Create: Windows Mitigation Job window, perform the following steps: 

1. Basic Information
2. Select Assets
3. Select Actions
4. Schedule
5. Options
6. Job Access
7. Confirmation

1. Basic Information

   Enter a job title and description of the job in the respective fields and click Next.

2. Select Assets

    The Manual Asset Selection option is selected by default. The selected asset is automatically displayed on the screen. 

    Important to Know           

• You can only remove assets, but cannot add additional assets to the mitigation job.   
• If you remove an asset,  the associated QID is also removed from the job. 
• You need atleast one asset to save the mitigation job. 

 3. Select Actions

 The action is populated on the screen by default. You can click   icon to view the mitigation details. 

4. Schedule

i) The On Demand job run option is selected by default, and the job is executed once enabled.

ii) To schedule the job to run at a specific time: 

1. Click Schedule.
2. Select the required START DATE and START TIME.
3. To select the required timezone, click Set timezone and select from the options from the dropdown list.
   By default, the system uses the agent timezone.
   
   
4. Click Next. 

5. Options 

To configure job notification settings:

1. Enter the email address of the recipient. You can enter a maximum of fifty email addresses.  
   
   
2.  (Optional) Select Execution started checkbox to receive email notification when the job is started
3. Select the Execution Completed checkbox and enter the percentage of job completion on which you want to receive the notification. 
4. Click Next.

6. Job Access

Select the co-authors for this mitigation job and click Next. The co-authors can perform job actions based on their permissions, such as editing the job. 

7. Confirmation

Review your selections, and select Save or Save and Enable the job. 

Note that the SuperUser or Administrator can change the job status (enable/disable), delete and edit the job.

• When you click Save, the job is saved, and its status is DISABLED. You can enable it later. 

To run a job in the DISABLED state, you must enable it. To enable it, go to the Jobs tab and click Enable from the Quick Actions menu of a job.

• When you click Save & Enable, the job is saved and ENABLED. This option is available only when creating a Job the first time, not during editing the job.

The Save and Enable option should be chosen only when you are confident that the job is correctly configured because it's enabled and in a good-to-execute state.

You can use the Disable option to temporarily disable a scheduled job. Later, at your convenience, you can re-enable the job. 

Once all the CVEs associated with the QID are mitigated, the asset status changes to Mitigated. After mitigation, the QDS score reduces as per the impact factor that reduces the vulnerability impact on the asset. For example, if the impact factor is 30 and the QDS score of the CVE is 90, after mitigation, the QDS score reduces to 60. 

When all the CVEs associated with the QID are mitigated, only then the asset status changes to Mitigated.  

The mitigated job status can be viewed on the VMDR > Vulnerabilities tab. Click on the QDS score to see the score reduction.