Detection states and actions

Follow

In the Patchman Portal, every detection has their own state. The following states are defined:

Unresolved / Open The detection is new or no action has been taken yet. 
Resolved The detection has been resolved.
Blocked No automatically scheduled actions will be executed for this detection. (Manual actions will still be executed.)
Reverted The detection was resolved, but the fix has been reverted putting the file back in its original state.
Retracted The detection has been resolved, because the file was changed (outside of Patchman) or has been removed. Most likely the end user has updated his CMS to a newer version.
Pending change Detection of malicious code occurred and clean scheduled, but pending review by Patchman (Patchman CLEAN state)
Requires attention Detection of malicious code occurred and clean scheduled, but unable to clean automatically. Review by website owner recommended (Patchman CLEAN state)

The following actions are available for detections:

Patch Resolve the vulnerability by patching the file.
Quarantine Resolve the malware detection by moving it to quarantine.
Delete Resolve the malware detection by removing the file.*
Undo patch Revert the vulnerability fix by restoring the original file.
Undo quarantine Revert the malware by fix restoring the original file.
Block Block all automatically scheduled tasks of the detection.
Unblock Resume all automatically schedule tasks of the detection.
Clean Remove detected malicious code from the file, leaving the file in place (Patchman CLEAN action)
Undo Revert the removal of detected malicious code from the file (Patchman CLEAN action)

(*) The Delete action is permanent and cannot be reverted.

Have more questions? Submit a request

Comments

Powered by Zendesk