To request remediation from someone at your organization, click on Remediation under VENDOR RISK in the sidebar. Your screen should look similar to below. From here you’ll want to click Request remediation.
Clicking Request remediation will take you to the first step in our vendor remediation workflow which lets you select the vendor you want to request remediation from. Select the vendor and then click Confirm and next.
Clicking Confirm and next will take you to the Select risks and assets type step. This step lets you add the risks and assets you want to associate with the remediation request. If you haven’t sent a questionnaire to the vendor, you’ll only be able to select automated scanning risks. Please read our article on how to send a vendor a security questionnaire for more information.
If you would like to remediate a risk at a specific domain, click on the corresponding row to expand it (1). This will display all the domains that have the risk. You can also filter the list by using the risk category selector (2) or search bar (3). By default, the most severe risks appear first.
In the example below, I’ve chosen to add the ‘AMQP port open' and 'FTP port open'. Once you are happy with your selection, click Confirm and next.
Lastly you will see the Review and send step where you will need to select a vendor contact or enter their name and email address. You can also set a due date and reminder date or edit the title and message sent to the recipient(s) on this screen. When you’re ready, click Submit request.
Now that the request has been created, you’ll be able to track its progress in the remediation requests table. You can also add or remove items from a remediation request instead of cancelling and creating a new request by editing/amending the remediation request.
