1 of 1 people found this helpful
You could create a vuln set and uncheck updating for the vulns selected, this way the admins arent chasing a moving target and you can show measured progresss based on the static vuln set.
Hi John, thanks and I appreciate you taking the time to submit a suggestion. Unfortunately, doing it this way avoids the use of vuln sets and would force me to manually select the vuln filters to apply and continually revisit them. I was hoping for a way to accomplish this using vuln sets and the benefits that come with them.
Also, McAfee mentioned in their pdf about the new features MVM 7.0 that the use of vuln filters would be removed from MVM in a coming release, so I don't want to develop a process I will not be able to continue to rely on into the near future.
Here's an excerpt from their pdf about vuln filters - pdf called "What's new in MVM 701.pdf"
Many customers have attempted to use the “Vulnerability
Filter” feature to fill some of these needs. That feature
can be completely replaced by the vulnerability set
feature and we do plan on removing the vulnerability filter
feature entirely in our next major release. If you have
vulnerability filters in use today, please begin to move
them to the vulnerability set feature. You will quickly
begin to see the power of vulnerability sets compared to
the old filter concept.
For the time being, I guess I will submit a Feature enhancement request to introduce a rule expression for vuln sets that would allow me to filter out vulnerability checks based on the time/date the check was released by mcafee.