Workflow: Mitigating vulnerabilities with Concert

When you upload a vulnerability scan file, IBM® Concert evaluates your application landscape to determine whether a known vulnerability or CVE (Common Vulnerabilities and Exposures) entry impacts your application components. If it does, Concert can automatically create a ticket in your third-party ticketing system and assign it to the relevant person so that the vulnerability is addressed.

You can upload a vulnerability scan as a CSV, XLSX, or XLS file, or as a VDR file in CycloneDX format.

Note: You can configure automation rules to automatically create and assign tickets in your organization’s ticketing system based on a compliance assessment, CVE tracking, or certificate management event in the Concert platform.

Before you begin

  • Consider setting up automation rules before you import vulnerability scan data, so that Concert can automatically create and assign tickets in your third-party issue tracking system and prioritized CVEs are addressed more efficiently.

Step 1: Import vulnerability data to Concert

Using Prisma Cloud, CycloneDX, or another vulnerability scanning tool, you can generate a vulnerability scan file in one of the three supported formats, then upload the file to Concert to assess and prioritize CVEs impacting your applications and environments.

Refer to Supported vulnerability scan formats for details about all supported formats.

Step 2: Review the impact of CVEs on your applications and environments

You can identify CVEs impacting your application components or environments from the Arena view or by going to Dimensions > Vulnerabilities.

From the Arena view:
  1. Select the Arena view from the main navigation for an interactive view of your application topology.
  2. Enable the toggle switch next to Prioritized CVEs to see high-priority CVEs and the impacted application components.
    Tip: Hover over the CVE to highlight the scope of impact across your global application topology. Click the node to learn more about the impacting CVE.

From the Vulnerabilities page:
  1. Select Dimensions > Vulnerabilities.
  2. Select a CVE from the list to view details and impacted applications.

Per Application or Environment

Navigate to an application image, repository, or environment details page to view its impacting CVEs.
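The following is an added example, not Concert's own code, that shows what a CycloneDX VDR upload from Step 1 carries and the kind of matching that the views in Step 2 let you review: each vulnerability's affects references are resolved against the component inventory in the same document, impacted CVEs are filtered by severity, and the result is regrouped per component (the per-application view above). The sample VDR is constructed inline and its CVE identifiers are placeholders, not real CVEs. It also reports a failure mode worth checking in any scan file: a vulnerability whose affects reference does not resolve to any inventoried component would otherwise be silently dropped.

```python
"""Added example (not IBM Concert's code): resolve CycloneDX VDR vulnerabilities
against the component inventory and summarise impact per CVE and per component."""
import json
from collections import defaultdict

# Constructed sample VDR. The CVE ids (year 0000) are placeholders, not real CVEs.
SAMPLE_VDR = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "bom-ref": "pkg:npm/example-lib@1.2.3",
         "name": "example-lib", "version": "1.2.3"},
        {"type": "library", "bom-ref": "pkg:maven/org.example/example-core@4.0.0",
         "name": "example-core", "version": "4.0.0"},
        {"type": "library", "bom-ref": "pkg:pypi/example-util@0.9",
         "name": "example-util", "version": "0.9"},
    ],
    "vulnerabilities": [
        {"id": "CVE-0000-00001", "source": {"name": "placeholder"},
         "ratings": [{"severity": "critical", "score": 9.8}],
         "affects": [{"ref": "pkg:npm/example-lib@1.2.3"}]},
        {"id": "CVE-0000-00002", "source": {"name": "placeholder"},
         "ratings": [{"severity": "medium", "score": 5.3}],
         "affects": [{"ref": "pkg:npm/example-lib@1.2.3"},
                     {"ref": "pkg:maven/org.example/example-core@4.0.0"}]},
        # Dangling reference: this component is not in the inventory above.
        {"id": "CVE-0000-00003", "source": {"name": "placeholder"},
         "ratings": [{"severity": "high", "score": 7.5}],
         "affects": [{"ref": "pkg:generic/not-in-inventory@1.0"}]},
    ],
})

# Rank order used to pick the worst rating and to apply a priority threshold.
SEVERITY_ORDER = {"critical": 4, "high": 3, "medium": 2, "low": 1,
                  "info": 0, "none": 0, "unknown": 0}


def load_vdr(text):
    """Parse the JSON and reject anything that is not a CycloneDX document."""
    doc = json.loads(text)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return doc


def severity_of(vuln):
    """Worst severity across a vulnerability's ratings ('unknown' if none)."""
    worst = "unknown"
    for rating in vuln.get("ratings") or []:
        sev = (rating.get("severity") or "unknown").lower()
        if SEVERITY_ORDER.get(sev, 0) > SEVERITY_ORDER.get(worst, 0):
            worst = sev
    return worst


def match_cves(doc):
    """Map each CVE to the inventoried components its affects refs resolve to.
    Returns {cve_id: {"severity": str, "components": [bom-ref, ...]}}."""
    inventory = {c["bom-ref"] for c in doc.get("components", []) if "bom-ref" in c}
    impact = {}
    for vuln in doc.get("vulnerabilities", []):
        refs = [a["ref"] for a in vuln.get("affects", []) if a.get("ref") in inventory]
        if refs:
            impact[vuln["id"]] = {"severity": severity_of(vuln),
                                  "components": sorted(refs)}
    return impact


def unmatched_refs(doc):
    """CVEs whose affects refs point at nothing in the inventory: these carry
    no impact and should be investigated rather than ignored."""
    inventory = {c["bom-ref"] for c in doc.get("components", []) if "bom-ref" in c}
    dangling = {}
    for vuln in doc.get("vulnerabilities", []):
        missing = [a["ref"] for a in vuln.get("affects", []) if a.get("ref") not in inventory]
        if missing:
            dangling[vuln["id"]] = missing
    return dangling


def prioritized(impact, min_severity="high"):
    """CVE ids at or above min_severity, worst first."""
    threshold = SEVERITY_ORDER[min_severity]
    chosen = [cve for cve, d in impact.items()
              if SEVERITY_ORDER.get(d["severity"], 0) >= threshold]
    return sorted(chosen, key=lambda cve: -SEVERITY_ORDER[impact[cve]["severity"]])


def per_component(impact):
    """Invert the CVE map so each component lists the CVEs impacting it."""
    grouped = defaultdict(list)
    for cve, d in impact.items():
        for ref in d["components"]:
            grouped[ref].append(cve)
    return {ref: sorted(cves) for ref, cves in grouped.items()}


if __name__ == "__main__":
    doc = load_vdr(SAMPLE_VDR)
    impact = match_cves(doc)
    print("prioritized:", prioritized(impact))
    print("per component:", per_component(impact))
    print("dangling refs:", unmatched_refs(doc))
```

Severity here comes from the ratings embedded in the VDR; a real import would typically prefer a rating from a named source such as NVD when several are present, and the threshold in prioritized is an assumption for illustration rather than Concert's own prioritization rule.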

Step 3: Open a ticket in your third-party tracking tool

Follow these steps to create a ticket in your organization’s third-party ticketing system.

  1. Next to an impacted entity, click Open ticket.
  2. Select the appropriate ticketing system: GitHub, Jira, or ServiceNow.
  3. Select a previously established connection with the third-party system from the drop-down menu.
  4. Complete the form fields based on the selected third-party ticketing system.
  5. Under Ticket details, edit the title and body of the ticket.
  6. Enter the username of the person to assign the ticket to.
  7. Click Open.