
Suppressing vulnerabilities

RedShield has a vulnerability suppression feature. Suppressing a vulnerability hides its alerts and moves it out of the unresolved action items list. Suppression is most commonly used for vulnerabilities that are being fixed by third parties or that are going to take a while to resolve. There are a few different ways to suppress vulnerabilities, along with a few options available to you; below is a quick guide to suppressing vulnerabilities.

If you think a vulnerability is a false positive, you can create a comment with a consultant alert. A consultant will check your suspected false positive and, if it is confirmed, mark the vulnerability as a false positive and move it to the false positives tab.

 Note: It is important to remember that suppressed vulnerabilities will be moved from the unresolved tab into the suppressed one. Suppressing a vulnerability does not resolve the issue.

 

This article covers:

Viewing suppressed vulnerabilities

Suppression Types

Suppressing a vulnerability

Unsuppressing a vulnerability

 Viewing suppressed vulnerabilities:

You can view your suppressed items by clicking on the vulnerabilities menu and then clicking suppressed under the 'Managed' dropdown.

Suppression Types:

The RedShield portal offers two types of vulnerability suppression:

  1. Until [date] - This option lets you choose a date; the vulnerability will be suppressed until that date. It is ideal if the vulnerability is going to be resolved by a date.
  2. Forever - This option suppresses a vulnerability forever; you probably don't want to use it. It is most often used if you have accepted the risk and have no intention to resolve the issue. If you think the issue is a false positive, you should alert a consultant and get them to confirm it instead.

Suppressing a vulnerability

There are two ways to suppress a vulnerability:

Single Suppression:

  1. Open the vulnerability modal (double click the table row) of the vulnerability you want to suppress
  2. Set the status to 'Managed'
  3. For 'Manage as' choose 'suppress'
  4. Select a date to suppress until, or choose to suppress forever
  5. Enter a reason for the suppression in the comment box
  6. If you would like to alert a consultant, check the alert consultant box
  7. Click save

Bulk Suppression

  1. Select the vulnerabilities you would like to suppress
  2. Select the update vulnerabilities action (right click on table to access bulk actions)
  3. Set the status to 'Managed'
  4. For 'Manage as' choose 'suppress'
  5. Select a date to suppress until, or choose to suppress forever
  6. Enter a reason for the suppression in the comment box
  7. If you would like to alert a consultant, check the alert consultant box
  8. Click save

Unsuppressing a vulnerability

RedShield has two options for unsuppressing a vulnerability.

Single Action:

  1. Open the vulnerability modal (double click the table row) of the vulnerability you want to unsuppress
  2. Set the status to 'unresolved'
  3. Enter a reason for the unsuppression in the comment box
  4. If you would like to alert a consultant, check the alert consultant box
  5. Click save

Bulk Action:

  1. Select the vulnerabilities you would like to unsuppress
  2. Select the update vulnerabilities bulk action (right click on table to access bulk actions)
  3. Set the status to 'unresolved'
  4. Enter a reason for the unsuppression in the comment box
  5. If you would like to alert a consultant, check the alert consultant box
  6. Click save

 
