Editing Vulnerabilities

Several vulnerability customization options give Managers greater control over how vulnerabilities appear in reports and how they are eventually prioritized for remediation. For example, by changing a vulnerability from a severity 2 to a severity 5, remediation tickets for the vulnerability could have a higher priority and shorter deadline for resolution.

Web application vulnerabilities cannot be edited.

Managers may edit vulnerability checks in the following ways: apply a new severity level to the vulnerability, add comments to the vulnerability content, or disable the vulnerability. Customized settings are global and changes appear to all users in the KnowledgeBase, in scan reports and in remediation tickets.

 

To edit a vulnerability:

1.    Select KnowledgeBase from the left menu, under Tools.

2.    Identify the vulnerability you want to change, and click the edit icon.

3.    Do any of the following:

      Change the severity level. Every vulnerability is assigned a severity level by the service. This "standard" severity level is decided based on the security risk associated with its exploitation. You can apply a different severity level by selecting a new level from the Severity Level menu. Note that if you change the severity level to something other than the default, the severity level will no longer be updated automatically by the service.

      Add comments to vulnerability content. The descriptions for the vulnerability threat, impact and solution are read-only and you cannot change them. However, you can enter comments as plain text or HTML in the sections provided. Your comments will be appended to the service's text in reports. Click Restore Defaults at any time to remove all comments, clear the customization date, and reset the severity level to its original setting.

      Disable the vulnerability. Managers can disable vulnerabilities in order to globally filter them from all hosts in all scan reports. To do so, select the Disable this vulnerability check box. Disabled vulnerabilities are filtered from reports, host information, asset search results and your dashboard. You may include disabled vulnerabilities in scan reports by changing report filter settings. Disabled vulnerabilities appear grayed out wherever they are referenced, including in the KnowledgeBase and in vulnerability scan results.

4.    Click Save.

A pencil icon appears next to each vulnerability in the KnowledgeBase with customized content and/or severity level. Use search options in the KnowledgeBase to find all vulnerabilities that were edited or disabled. See Vulnerability Search Criteria for more information.
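Because these customizations are global, it helps to review them periodically. The following is an added example, not code from the service: it audits a list of edited or disabled entries and shows which rows a report would display. The KBEntry record layout, the function names and the sample QIDs are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class KBEntry:
    """One KnowledgeBase entry; this record layout is assumed for the example."""
    qid: int                               # constructed identifier
    standard_severity: int                 # level assigned by the service
    custom_severity: Optional[int] = None  # Manager override, None = default
    comments: str = ""                     # Manager comments appended in reports
    disabled: bool = False                 # "Disable this vulnerability" checked

    @property
    def effective_severity(self) -> int:
        if self.custom_severity is None:
            return self.standard_severity
        return self.custom_severity


def audit(entries: List[KBEntry]) -> List[Tuple[int, str]]:
    """Return (qid, finding) pairs for every customization worth a second look."""
    findings = []
    for e in entries:
        if e.disabled:
            findings.append((e.qid, "disabled: filtered from all reports for all users"))
        if e.custom_severity is not None and e.custom_severity != e.standard_severity:
            direction = "lowered" if e.custom_severity < e.standard_severity else "raised"
            findings.append((e.qid, f"severity {direction} {e.standard_severity}->"
                                    f"{e.custom_severity}: no longer auto-updated"))
    return findings


def report_rows(entries: List[KBEntry], include_disabled: bool = False) -> List[KBEntry]:
    """Rows a scan report would show, highest effective severity first."""
    visible = [e for e in entries if include_disabled or not e.disabled]
    return sorted(visible, key=lambda e: e.effective_severity, reverse=True)


# Constructed sample data, not taken from any real KnowledgeBase.
SAMPLE = [
    KBEntry(qid=1001, standard_severity=2, custom_severity=5),
    KBEntry(qid=1002, standard_severity=4, custom_severity=1, comments="accepted"),
    KBEntry(qid=1003, standard_severity=5, disabled=True),
    KBEntry(qid=1004, standard_severity=3),
]
```

Entries flagged as lowered or disabled are the ones to re-justify first, since they reduce what every user sees in reports and remediation tickets.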

 

Related Reading

Severity Levels

Ignoring Vulnerabilities