To assign a vulnerability, first you need to go to the Vulnerabilities section and select the type of vulnerability you want to treat.
Selecting this will take you to the location view where you can perform actions such as: Assign vulnerabilities and apply treatments to them.
You can assign vulnerabilities in Untreated status or reassign vulnerabilities in Progress status. Also, you can assign a person even if you have previously applied the two treatments: Temporarily accepted and Permanently accepted.
In a untreated vulnerability, to assign it to someone, you must click on the specific location of the vulnerability. After that, a pop-up window will immediately appear, showing you three tabs, from which you need to select the one called Treatments. After that, you must change de Untreated to in progress status in the treatment field.
Several fields will be activated here. You must fill in all them with the requested information. In Assigned, you add the email address of the developer or team member who will be in charge of fixing the vulnerability. After you provide all the required information, you must click the Confirm button.
Note: Only a Fluid Attacks staff member can assign a vulnerability to other Fluid member. In either case, the Assigned dropdown list will show only valid options for the assignment.
Right away, the new person responsible for fixing the vulnerability will receive an email notification telling them about the new assignment, specifying the type of vulnerability, the group and the location. Clicking the Go to type of vulnerability button will redirect them to the Location section on the ARM.
Now, if you want to change the responsible for a vulnerability, it is possible. In the Assigned field, you have to put the email of the new responsible; this person will receive the notification New Vulnerability Assignment.
The person who was assigned the task will be able to find the aforementioned To do function on the top-right menu of the ARM, next to the megaphone icon. The number over the icon will tell them how many vulnerabilities are assigned to them. Clicking on the icon will allow them to see the vulnerability locations they are responsible for remediating. Click here to learn more about this feature.