Adding Exceptions
You can add exceptions to vulnerabilities where necessary to manage your security posture effectively and avoid false positives.
What are Exceptions?
Exceptions allow you to adjust the severity of vulnerabilities in your scan results. By marking a High or Medium vulnerability as Low, the exception removes it from compliance calculations. This is particularly useful for handling false positives.
However, exceptions must be reviewed and approved by the Clone Systems SOC team before they become active.
How to Add Exceptions
To add an exception, follow these steps:
- Navigate to the Results -> Vulnerabilities page
- Click on the options menu of a specific vulnerability and select New Exception
- Choose the scope of the exception:
  - Host-based: Apply to all occurrences of this vulnerability on the same host
  - Scan-based: Apply to all occurrences of this vulnerability across the entire scan (recommended for scans with multiple identical hosts)
- Provide a Justification explaining why the exception should be accepted.
- Click Save
Caution: Be careful when adding exceptions. It is strongly recommended to conduct a thorough review before applying an exception to ensure it does not overlook a critical security risk.
Exception Approval Process
Once you submit an exception request, the Clone Systems SOC team will review it and either approve or reject it with a reason.
You will receive an email notification informing you of the decision.
Impact on Compliance: Exceptions do not remove vulnerabilities; they only lower their severity to Low, which is what changes your compliance status. Excepted vulnerabilities still appear in reports with a severity of 2.0 (Low).
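The following is an added example, not Clone Systems code or its API, that models the behaviour described above: an exception changes nothing while it is pending, an approved host-based exception affects one host, an approved scan-based exception covers every host with the same finding, and excepted findings stay in the report at 2.0 (Low) while dropping out of the compliance check. The field names, the "pending/approved/rejected" status values, the compliance rule (no High or Medium findings remaining) and the sample scan data are all assumptions constructed for the example.

```python
"""Model of how reviewed exceptions change a scan's compliance result.

Added example; not Clone Systems code. Field names, status values, the
compliance rule and the sample findings are assumptions for illustration.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed score table; only 2.0 for Low is stated on the page.
SEVERITY_SCORE = {"High": 7.0, "Medium": 5.0, "Low": 2.0}


@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str   # identifies the vulnerability (constructed name)
    severity: str  # "High", "Medium" or "Low"


@dataclass(frozen=True)
class ExceptionRequest:
    vuln_id: str
    scope: str               # "host" or "scan"
    host: Optional[str]      # required for host scope, ignored for scan scope
    justification: str
    status: str = "pending"  # assumed values: "pending", "approved", "rejected"


def apply_exceptions(findings: List[Finding],
                     exceptions: List[ExceptionRequest]) -> List[Finding]:
    """Lower severity to Low wherever an APPROVED exception matches.

    Pending and rejected requests have no effect, mirroring the SOC review step.
    """
    adjusted = []
    for f in findings:
        severity = f.severity
        for e in exceptions:
            if e.status != "approved" or e.vuln_id != f.vuln_id:
                continue
            if e.scope == "scan" or (e.scope == "host" and e.host == f.host):
                severity = "Low"
                break
        adjusted.append(Finding(f.host, f.vuln_id, severity))
    return adjusted


def is_compliant(findings: List[Finding]) -> bool:
    """Assumed rule: compliant when no High or Medium finding remains (Low is excluded)."""
    return all(f.severity == "Low" for f in findings)


def report_rows(findings: List[Finding]) -> List[Tuple[str, str, str, float]]:
    """Every finding still appears in the report; excepted ones carry 2.0 (Low)."""
    return [(f.host, f.vuln_id, f.severity, SEVERITY_SCORE[f.severity]) for f in findings]


# Constructed sample scan: three identical web hosts plus one database host.
SAMPLE_FINDINGS = [
    Finding("web-1", "tls-weak-cipher", "Medium"),
    Finding("web-2", "tls-weak-cipher", "Medium"),
    Finding("web-3", "tls-weak-cipher", "Medium"),
    Finding("db-1", "outdated-ssh", "High"),
]


def demo():
    """Return (compliant while pending, compliant after approval, final report rows)."""
    pending = [ExceptionRequest("tls-weak-cipher", "scan", None,
                                "Cipher suite is disabled on the load balancer; false positive")]
    while_pending = is_compliant(apply_exceptions(SAMPLE_FINDINGS, pending))

    approved = [
        ExceptionRequest("tls-weak-cipher", "scan", None,
                         "Cipher suite is disabled on the load balancer; false positive",
                         status="approved"),
        ExceptionRequest("outdated-ssh", "host", "db-1",
                         "Vendor backport confirmed; version banner is misleading",
                         status="approved"),
    ]
    final = apply_exceptions(SAMPLE_FINDINGS, approved)
    return while_pending, is_compliant(final), report_rows(final)


if __name__ == "__main__":
    for row in demo()[2]:
        print(row)
```

The scan-based request covers all three web hosts with one justification, which is why the page recommends that scope for scans with multiple identical hosts; the host-based request touches only db-1, so a second host with the same finding would keep its original severity.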
By following these steps and best practices, you can effectively manage your scan results while maintaining security compliance.