Suppressing Vulnerabilities FAQ


This page answers questions about Threat Stack’s default suppression list, how to suppress a vulnerability, and what suppressing or unsuppressing a vulnerability means.

Why do I see default suppressions in Threat Stack?

Based on extensive research, Threat Stack created a list of vulnerabilities that are suppressed by default for the following reasons:

  • Low priority or not an issue
  • No fix or patch available
  • Not applicable due to configuration

Can I suppress a vulnerability, and what does it mean to suppress it?

Yes, you can suppress all vulnerabilities for a package or an individual vulnerability for a package.

If you suppress a vulnerability, then the vulnerability for that package version is no longer assessed during a Vulnerability Assessment scan. It will display on the suppressed vulnerabilities list, and will no longer be listed as an active vulnerability.

Note

Threat Stack finds and logs suppressed vulnerabilities. Suppressing a vulnerability hides it and keeps you from viewing it in your report.

How do I suppress a vulnerability?

You can suppress vulnerabilities by package or by individual vulnerability.

To suppress a vulnerability by package:

  1. Go to Servers > Vulnerabilities tab > Active Vulnerabilities button. The suppressed vulnerability list displays.


  2. Select the check box next to the package. All vulnerabilities in the package are selected.
  3. Click the Actions button. The Actions pane displays.
  4. In the Reason section, select one of the radio buttons.
  5. Click the Suppress [#] Vulnerabilities button. Threat Stack suppresses the vulnerabilities in that package.

To suppress an individual vulnerability:

  1. Go to Servers > Vulnerabilities tab > Active Vulnerabilities button. The suppressed vulnerability list displays.


  2. Select the check box next to the individual vulnerability to suppress.
  3. Click the Actions button. The Actions pane displays.
  4. In the Reason section, select one of the radio buttons.
  5. Click the Suppress [#] Vulnerabilities button. Threat Stack suppresses the vulnerability across all packages.

How do I unsuppress a vulnerability?

You can remove a vulnerability suppression in Threat Stack. Removing a suppression enables the vulnerability assessment to evaluate that vulnerability and package version in subsequent scans.

  1. Go to Servers > Vulnerabilities tab > Suppressed Vulnerabilities button. The suppressed vulnerability list displays.


  2. Select the check box next to the vulnerability to unsuppress.
  3. Click the Actions button. The Actions pane displays.
  4. Click the Remove [#] Suppression button. The vulnerability is no longer suppressed.

Articles in the Vulnerability Assessment Series

Vulnerability Assessment Feature

Vulnerability Assessment FAQ
