Document Version: 2.1
© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.
This document provides users with a comprehensive overview of the Tickets for OUTSCAN and HIAB. This document has been elaborated under the assumption the reader has access to the OUTSCAN/HIAB Account and Graphical User Interface.
This document gives you a step-by-step configuration setup guide for configuring the OUTSCAN/HIAB solution according to best practice. It takes into account the size of the organizations and provide information about why different options are taken over other in order to provide justification why the different paths where chosen.
Best practice regarding tickets is to have them become automatically assigned from within the tool and thus saving manual workload. If you already have a ticket system that is used within your organization then integrating with that would be a good option since then you can track, compare, and manage tickets there and not forcing users to learn additional software for their job duties.
If the risk levels already are defined, then changing them within the OUTSCAN/HIAB solution is best practice instead of having a mapping or two competing risk levels that may cause confusions in critical situations later.
In order to change the levels (both name and priority), click on the settings button in the upper right corner next to the question mark ( ? help) on the Tickets page. Then the following dialog is displayed where you can define your risk levels.
If tickets are handled externally, then check the setting to automatically close tickets once the vulnerability referred to it is resolved. This prevents tickets from staying open after the issue has been resolved.
Regarding automatically assigning tickets to a user, this is done in the Event Notification system. There are several events that all start with the name Finding and those can be used to automatically assign a ticket to a pre-defined user. Below you see an example of new risk automatically being assigned to Jane Doe for targets where she is registered to receive high risks for.
The Tickets Interface
The Tickets module is used to manage different assignments with individual users that have access to the ticketing module. Access to the Tickets module can be managed under the Roles tab in the Manage Users module.
To access Tickets, open the Main Menu located in the lower left corner.
Tickets Grid Window
The Tickets grid includes different columns. To enable or disable a column click the arrow next to the name of any column. In the displayed drop-down menu there is a field called Columns which lists the available columns. Most of these columns allow filtering, this provides the option to display a subsection of all available data. To enable filtering, access the same drop-down menu as for columns and click Filters.
The available columns for the Tickets grids are:
Whom the ticket has been assigned to.
Due date of the ticket.
The name of finding for which this ticket was created for.
Name of the host affected. (Empty for custom type.)
Displays the priority of the ticket where P5 is the highest.
The date of the report which the ticket was created from. (Empty for custom type.)
Script ID of the finding which the ticket will trigger for. (Empty for custom type.)
Status of the ticket.
Summary of the ticket.
The target which the finding/report was reported/created for.
ID of the ticket.
Where the ticket originated from:
The type of the ticket:
Displays the status of the finding which this ticket is created for:
Assigning new tickets is performed from either Reporting Tools, PCI Reports, or from Tickets.
To create and assign a new ticket from the Tickets grid window press New in the upper left corner. This displays the Maintaining Ticket window where you can edit the Summary, Priority, Status, Due Date, Assignee, and add comment for the ticket.
Right clicking a ticket in the Tickets grid provides different actions to choose between:
Add comment for the specific ticket
Create a new ticket
Delete the specific ticket
Edit the specific ticket
Marking multiple entries by holding CTRL and left click makes it possible to either use Delete to delete multiple tickets or Add Comment to add comments to multiple tickets. These two options are available in the top menu bar of the grid.
Exporting a report from the Tickets grid is done by clicking Export in the lower left corner of the window. The available formats are PDF and Excel. This report includes information about all tickets in the Tickets grid.
Clicking the Settings icon in the upper right corner of the window toolbar provides access to the tickets settings:
The priority list can be used to select fewer ticket levels than the original 5.
When a Label is defined on a priority level, it is displayed instead of the default P1-5 name in the drop-down throughout the system.
Default due days is a configuration option that automatically sets the due date based on the setting here and the selected priority upon creation of the original ticket.
Able to mark it as active or not, set a value for default due days and rename it.
P5 is checked as default and cannot be unchecked.
Automatically close verified tickets
It enables the system to close tickets when it has been verified.
Include vulnerability details in email
Include the details of the vulnerability found in the email for the ticket.
Send Ticket Notifications
Enable this option to allow the system to send email notifications when a ticket is created, changes status, and is closed.
Send Ticket Overdue Notifications
Send a notification to the assignee once a ticket is overdue.
Remove all tickets
Removes all tickets that are visible in the Tickets grid.