Hi all!
Going one step forward in the vulnerabilities operation, we have included a new capability in the Vulnerability list, where you can ignore certain vulnerabilities and set the reason why.
This helps get a more focused list of the vulnerabilities threatening your inventory by ignoring the ones irrelevant to you!
👉 Ignore vulnerabilities and select why they will be ignored: False positive, Risk acceptance, Not relevant.
👉 Undo the action if needed by reactivating the vulnerability.
As you can see in the screenshot below, two new elements were incorporated in the vulnerabilities section inside Security Insights:
- A new Ignored vulnerabilities view where all the ignored vulnerabilities will be moved.
- In the active vulnerabilities list, a new action button on the top right(close to the search box) will allow ignoring the vulnerabilities, one or multiple at the same time.
As it was mentioned above, you can set the reason why you are ignoring a vulnerability: false positive, risk accepted, or not relevant. It is mandatory providing a reason before being allowed to CONFIRM:
And remember you can always revert the vulnerability back to the active list. Just select the ones to revert and click reactivate as you can see below:
Thanks for reading it and please write a comment with any feedback that could help us to improve the product. I will be attentive to it!
Hi again!
I want to share some usability improvements we are introducing on the ignore functionality.
- The more relevant is you can now ignore or reactivate a vulnerability directly from any vulnerability details. That makes it easier having the possibility to review the vulnerability before deciding to ignore/reactivate it:
- Additionally, we also added the vulnerability status (Active or Ignored) to the details page, so you don't need to remember it when you are on the details page from a vulnerability:
I hope these improvements are helpful, and if you have any feedback or idea to share with us, you can write a post just here.
Thanks!
