AnsweredAssumed Answered

How to filter Information Gathering type vulnerabilities in Asset View?

Question asked by ds0101 on Dec 27, 2017
Latest reply on Jan 3, 2018 by DMFezzaReed

Is there a way to filter out Information Gathering type vulnerabilities from appearing in the Asset View ? 

I'm utilizing the Remediation workflow and have a policy to create tickets but also to skip certain Information Gathering QID's, prime example QID 105327 (Antivirus Product Detected on Windows Host). I already know I have antivirus on the devices and this QID adds to real value as it can not really be remediated. 

 

As such, we do not create tickets for this QID. However, under Asset View when I query for (vulnerabilities.vulnerability.description: "antivirus") the results show vulnerability types that include Information Gathering and Confirmed Vulnerabilities. Since I'm only creating tickets for Confirmed Vulnerabilities that affect antivirus products, I'd like to see in Asset View only Confirmed Vulnerabilities for those antivirus products.

 

Is there a way to create a query that only shows Confirmed Vulnerabilities? So far I have not been successful in creating a query that only gives Confirmed Vulnerabilities.

 

Thank you!

Happy Holidays!

Outcomes