Versions Compared

Old Version 21

changes.mady.by.user Former user

Saved on

compared with

New Version 22

changes.mady.by.user Luke Fritz (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
id141333073
Section
id141333093
Section
background-color$lightGrayColor
id141333072

Table of Contents
maxLevel3
minLevel3

Section
id141333083

Multimedia
namevuln exclusions mktg.mp4
width725
height400

Note

To fully use this feature, you must add the following permission to your account:

  • View Vulnerability Scans
  • Write New Vulnerability Report
  • View Vulnerability Exclusions
  • Write Vulnerability Exclusions
Note

Exclusions are not available on past scan reports and are only possible for future Vulnerability Scan reports.

With Vulnerability Exclusions, Armor is taking Vulnerability Scanning beyond reporting and giving users the ability to manage their vulnerability programs. Users can now exclude vulnerabilities on particular reports or silence them to be addressed later.

This can be a helpful tool in instances where:

  • Users are willing to accept the risk, such as machines that do not store critical data or when time and resources are a concern
  • Users cannot patch machines, such as when doing so might break an application or architecture
  • Users have specific Vendor needs that would require excluding assets from a Vulnerability Scan

Vulnerability Exclusions will also give users the ability to flag machines from the Vulnerability Report, allowing customers to build out an excluded assets workflow within their Vulnerability Management System.

Note

Exclusions are available on Qualys Vulnerability reports only.


Exclude a Vulnerability from a Report

  1. In the Armor Management Portal (AMP), in the left-side navigation, clickSecurity.
  2. ClickVulnerability Scanning.
  3. Click a Vulnerability Name in the left hand column.
  4. Click the Exclude Assets button.
  5. In the right-hand window, select your Exclusion parameters:
    1. Reason
    2. Expiration Date
      1. turn off the Never Expires toggle to set a custom expiration date
    3. Scope
  6. Use the check-boxes to select the assets for the Exclusion.
  7. Click the Exclude Assets button to save


To View/Cancel Exclusion Rules

  1. In the Armor Management Portal (AMP), in the left-side navigation, clickSecurity.
  2. ClickVulnerability Scanning.
  3. Click the Exclusions tab.
  4. For a given Vulnerability, hover over the Menu icon on the far right column of the table. The pop up menu provides 2 options, View and Remove Exclusions
    1. To view, click View.
      1. Exclusion rule details are read-only and cannot be altered
      2. You can click the Remove Exclusions button to cancel an exclusion from this view
    2. To Cancel, click Remove Exclusions.
      1. Click Remove Exclusions to confirm.


Related Documentation