Want to ignore a vulnerability?

You can ignore confirmed and potential vulnerabilities so they don't appear as actionable issues for your vulnerability management program. A vulnerability can be ignored for an instance, in other words a host/vulnerability/port.

Why ignore vulnerabilities

By ignoring vulnerability instances:

- You won't see these vulnerabilities throughout the UI (host information, asset search results, your dashboard, etc).

- These vulnerabilities will no longer appear in template based scan reports with host based findings.

- We'll close any remediation tickets for these vulnerabilities automatically. (Are you an Express Lite user? If yes, remediation ticket options do not apply.)

How do I ignore a vulnerability

You can ignore a vulnerability while viewing vulnerability details in the UI (host information). Simply hover over the desired host and click View Host Information icon . Then from the Vulnerabilities tab select a vulnerability, place your cursor over the menu icon Remediation Action icon in reports and select Ignore vulnerability.

You can also ignore vulnerabilities from within template based reports with host based findings. Just navigate to a vulnerability, place your cursor over the menu icon Remediation Action icon in reports  and select Ignore vulnerability.

Once a vulnerability is ignored it is not listed in Asset Search. However, in AssetView the ignored vulnerabilities are listed by default and you need to use an additional query to filter them out.

Tell me about QIDs that cannot be ignored

Tell me about user permissions

We'll create a ticket if there's isn't one for the issue

How do I filter out vulnerabilities globally

Managers can filter vulnerabilities on a global basis, across all hosts, by disabling them. Just edit the vulnerability in the KnowledgeBase and select "Disable this vulnerability". Note - Disabling vulnerabilities will not result in the automatic closing of tickets because the setting applies to all your hosts.

Still have questions?

Still see an ignored vulnerability in my report?

How do I include ignored vulnerabilities in my report?