Skip to main content

Modify Risk

Freda Briggman
Updated

Nodeware allow you to modify the risk level of one or more vulnerabilities directly within the dashboard. This feature is designed to helps you align vulnerability severity with your organization's actual risk—whether a vulnerability is already mitigated, doesn’t apply to your environment, or intentionally accepted.

The modifications are reflected (not included) in the calculation of the asset score. 

The Exceptions Report details all user created exceptions including:

  • Vulnerability modifications (Accepted Risk, False Positive, Compensating Control)
  • OS overrides
  • Decommissioned assets

To modify the risk for a single asset, do the following:

1.    Log into the Nodeware Dashboard at https://app.nodeware.com.
2.    Navigate to the Customer’s dashboard.
3.    Click Assets.
4.    Click the asset with the vulnerability.
5.    Modify the risk either by:


a. clicking the vulnerability to access the vulnerability details and click Modify
MR 1.jpg

On the Risk Modification screen, select the Modification Type and Expiration. Then, enter a reason for the exception. 

MR 2.jpg   MR 3.jpg

b. clicking the CVE icon to open the Detailed CVE View

MR 4.jpg

The Detailed CVE View appears.

MR 5.jpg

Select device, click Modify Risk, and enter the Modification Type, Expiration, reason for the exception, and select Selected Assets in the Apply to field.

 

To modify risk for multiple assets, do the following:

1.    Navigate to the Customer’s dashboard.
2.    Click Assets.
3.    Click the CVE icon to open the Detailed CVE View.

The Detailed CVE View appears.

MR 6.jpg

4.    Select multiple devices and click Modify Risk.
5.    Enter the Modification Type, Expiration, reason for the exception, and select Selected Assets in the Apply to field.
 

Once the risk has been modified:
•    The vulnerability will now display an updated risk tag
•    The modifications are recorded and are viewable in the Exceptions Report
•    Alerts will be suppressed if the CVE is no longer considered critical or high
 

To remove the modification, do the following:

1.    Navigate to the asset where the vulnerability is located.
2.    Click the Modified vulnerability.

MR 7.jpg

3.    Click Modified and then Remove.

MR 8.jpg

 


 

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk