Skip navigation
2735 Views 6 Replies Latest reply: Nov 5, 2012 11:46 AM by apedret RSS
apedret Level 1 25 posts since
Dec 9, 2010
Currently Being Moderated

May 4, 2012 1:47 PM

Maintaining vulnerability ignore status

We  have a challenge maintaining the Ignore status of vulnerabilities against assets that have been waived from Active reporting.

By default a new  vulnerability's status is Active and reported as such.

 

What options are available to Ignore an asset's vulnerabilities on a recurring basis or otherwise as new vulnerabilities are detected?

 

Any constructive feedback in appreciated.

 

Tony Pedretti

  • pklahn Level 2 148 posts since
    Jul 26, 2010
    Currently Being Moderated
    May 9, 2012 10:26 AM (in response to apedret)
    Maintaining vulnerability ignore status

    Tony -- two ways to ignore a vulnerability for a given host or hosts --

     

    1. within the html scan report we can choose the interactive "ignore vulnerability" selection for a vulnerability on a chosen host. This will place it in an ignored state for that host going forward.

     

    2.. within the remediation module, you can create a rule to ignore vulnerabilities (defined by a search list) for specific hosts (defined by asset groups / IP's). This method would put the vulnerabilities for those hosts in an ignored state after the next scan (assuming that rule in the remediation policy is acted on before another rule)

     

    Let me know if you want to Webex it or we can go over it in person.

     

    -Paul

      • pklahn Level 2 148 posts since
        Jul 26, 2010
        Currently Being Moderated
        May 11, 2012 2:56 PM (in response to apedret)
        Re: Maintaining vulnerability ignore status

        It will put the vulnerability in an ignored state for those hosts.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points