Vulnerability Scanning Exclusions

Owned by Aaron Gabriel (Deactivated)
Last updated: 04 March 2024 by Aaron Gabriel (Deactivated)
2 min read

 

vulnexclusions.mp4

To fully use this feature, you must add the following permission to your account:

  • View Vulnerability Scans

  • Write New Vulnerability Report

  • View Vulnerability Exclusions

  • Write Vulnerability Exclusions

Exclusions are not available on past scan reports and are only possible for future Vulnerability Scan reports.

With Vulnerability Exclusions, Armor is taking Vulnerability Scanning beyond reporting and giving users the ability to manage their vulnerability programs. Users can now exclude vulnerabilities on particular reports or silence them to be addressed later.

This can be a helpful tool in instances where:

  • Users are willing to accept the risk, such as machines that do not store critical data or when time and resources are a concern

  • Users cannot patch machines, such as when doing so might break an application or architecture

  • Users have specific Vendor needs that would require excluding assets from a Vulnerability Scan

Vulnerability Exclusions will also give users the ability to flag machines from the Vulnerability Report, allowing customers to build out an excluded assets workflow within their Vulnerability Management System.

Exclusions are available on Qualys Vulnerability reports only.



Exclude a Vulnerability from a Report

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security.

  2. Click Vulnerability Scanning.

  3. Click a Vulnerability Name in the left hand column.

  4. Click the Exclude Assets button.

  5. In the right-hand window, select your Exclusion parameters:

    1. Reason

    2. Expiration Date

      1. turn off the Never Expires toggle to set a custom expiration date

    3. Scope

  6. Use the check-boxes to select the assets for the Exclusion.

  7. Click the Exclude Assets button to save

To View/Cancel Exclusion Rules

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security.

  2. Click Vulnerability Scanning.

  3. Click the Exclusions tab.

  4. For a given Vulnerability, hover over the Menu icon on the far right column of the table. The pop up menu provides 2 options, View and Remove Exclusions

    1. To view, click View.

      1. Exclusion rule details are read-only and cannot be altered

      2. You can click the Remove Exclusions button to cancel an exclusion from this view

    2. To Cancel, click Remove Exclusions.

      1. Click Remove Exclusions to confirm.

Related Documentation

Â