Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-28716

Add policy criteria "Days since CVE was published"

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Done
    • Icon: Blocker Blocker
    • 4.7.2
    • 4.7.0
    • None
    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • New policy criteria "Days since CVE was published" allows teams to design more sophisticated violation grace periods using the CVE publish date
    • Enhancement
    • Yes
    • Rox Sprint 4.8D - Global
    • 0

      This features addresses RFE https://issues.redhat.com/browse/RFE-7323 

      This feature is related to the following:
      (case https://access.redhat.com/support/cases/#/case/04057612 )

       

      Functionality: adding a policy criteria "Days since CVE was published" that is identical to "Days since CVE was first discovered in system" except it acts on the published date field.

       cc: sbadve@redhat.com

      (BM) I've added RN text. Please work with kcarmich@redhat.com on updating docs to include this new criterion , and explain what the "published"  field means.
      bmichael@redhat.comI updated the RN text to remove the unrelated parts.

              ksanchet@redhat.com Khushboo Sancheti
              bmichael@redhat.com Boaz Michaely
              Shubha Badve
              Boaz Michaely Boaz Michaely
              ACS Core Workflows
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: