Suppress or Unsuppress Vulnerabilities

Follow

 

Default Vulnerability Suppression Overview

Based on extensive research, Threat Stack created a list of default suppressions based on the following reasons:

  • Low priority or not an issue
  • No fix or patch available
  • Not applicable due to configuration

You can choose to create additional suppressions or remove an existing suppressions, even the Threat Stack default suppressions, at any time.

To learn more, review the Vulnerability Assessment Feature article.

Suppress a Vulnerability

Warning

The suppression of a vulnerability impacts the entire Threat Stack organization. If you suppress a vulnerability, the next time the Vulnerability Assessment runs it will not report on that suppression, even if it is found on new servers and agents.

You can suppress vulnerabilities by package or by individual vulnerability.

To suppress a vulnerability by package:

  1. Go to Servers > Vulnerabilities tab > Active Vulnerabilities button. The suppressed vulnerability list displays.


    SuppressVulnPkg.png

  2. Select the check box next to the package. All vulnerabilities in the package select.
  3. Click the Actions button. The Actions pane displays.
  4. In the Reason section, select one of the radio buttons.
  5. Click the Suppress [#] Vulnerabilities button. Threat Stack suppresses the vulnerabilities in that package.

To suppress an individual vulnerability:

  1. Go to Servers > Vulnerabilities tab > Active Vulnerabilities button. The suppressed vulnerability list displays.


    SuppressVulnIndiv.png

  2. Select the check box next to the individual vulnerability to suppress.
  3. Click the Actions button. The Actions pane displays.
  4. In the Reason section, select one of the radio buttons.
  5. Click the Suppress [#] Vulnerabilities button. Threat Stack suppresses the vulnerability across all packages. 

Unsuppress a Vulnerability

Warning

The unsuppression of a vulnerability impacts the entire Threat Stack organization. If you unsuppress a vulnerability, the next time the Vulnerability Assessment runs it will report on that vulnerability.

  1. Go to Servers > Vulnerabilities tab > Suppressed Vulnerabilities button. The suppressed vulnerability list displays.


    UnsuppressVuln.png

  2. Select the check box next to the vulnerability to unsuppress.
  3. Click the Actions button. The Actions pane displays.
  4. Click the Remove [#] Suppression button. The vulnerability is no longer suppressed.

 

Articles in the Vulnerability Assessment Series

Vulnerability Assessment Feature

Vulnerability Assessment FAQ

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

2 comments
  • Is there any way to annotate the suppression other than to choose other? Would like to mark a false positive and provide some references for the basis of that decision.

  • Hi Darryl,

    When you select "other" you can fill out your research and rationale in the text box beneath. And you have access to those notes when you review your suppressed vulnerabilities.

    Megan

Article is closed for comments.