Defining Vulnerability Exceptions (Beta)

You can flag specific vulnerabilities as exceptions for specific images and containers. This means that although they are detected, they are intentionally left unreported and unaddressed.

Vulnerability exceptions refer to specific vulnerabilities that have been identified within a containerized environment but are intentionally exempted from remediation measures.

Here are a few possible reasons for granting exceptions:

Before you begin: Create a list of QIDs that you want to define as an exception. See Creating a List of Vulnerabilities.

  1. Go to Exceptions > Vulnerability Exceptions, and click Create Exception.
  2. Enter a name for the exception.
  3. Select a reason for the exception and then provide an appropriate explanation for it. You can select one of the following options:
    • False Positive: If a vulnerability is a false positive.
    • Risk Accepted: If the security team decides to tolerate or accept the level of risk associated with a vulnerability.
    • Other: Any other reason, such as compliance requirements, patch unavailability, or operational impact.
  4. Specify start and end dates for the exception, and click Next.
  5. In Scope Details, to define the scope of the exception, select Image or Container, and then select the images or containers on which the exceptions are to be added.

    With Image as the scope, if you add an exception on an image, it is automatically cascaded to containers spawned from the image.

  6. In Vulnerability List, select a list of QIDs and click Next. You can also create a new vulnerability list on the fly while selecting a list.

    You can select only one vulnerability list in an exception.

  7. Review the details and click Submit.
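
The scoping rules in the steps above, as an added Python model (not Qualys code and not a product API): it shows which findings an exception would hide on a given date, including the image-to-container cascade and the end of the exception window. Class and field names, the sample IDs and QIDs, and the treatment of the start and end dates as inclusive are assumptions.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class VulnException:
    name: str
    reason: str              # "False Positive", "Risk Accepted" or "Other"
    start: date
    end: date
    scope: str               # "Image" or "Container"
    targets: frozenset       # image IDs or container IDs, depending on scope
    qids: frozenset          # the single vulnerability list attached to the exception

@dataclass(frozen=True)
class Finding:
    qid: int
    container_id: str
    image_id: str            # image the container was spawned from

def matching_exception(finding, exceptions, today):
    """Return the name of the first active exception covering the finding, else None."""
    for exc in exceptions:
        if not (exc.start <= today <= exc.end):   # assumption: both dates inclusive
            continue
        if finding.qid not in exc.qids:
            continue
        if exc.scope == "Image" and finding.image_id in exc.targets:
            return exc.name                       # image scope cascades to its containers
        if exc.scope == "Container" and finding.container_id in exc.targets:
            return exc.name
    return None

# Constructed sample data (IDs and QIDs are made up).
EXCEPTIONS = [
    VulnException("base-image-fp", "False Positive", date(2024, 1, 1), date(2024, 6, 30),
                  "Image", frozenset({"img-aaa"}), frozenset({100001, 100002})),
    VulnException("legacy-ctr-risk", "Risk Accepted", date(2024, 1, 1), date(2024, 3, 31),
                  "Container", frozenset({"ctr-9"}), frozenset({100003})),
]
FINDINGS = [
    Finding(100001, "ctr-1", "img-aaa"),   # covered through the image-scoped exception
    Finding(100003, "ctr-9", "img-bbb"),   # covered only until the exception's end date
    Finding(100003, "ctr-1", "img-aaa"),   # QID not in the image exception's list
]

def report(today):
    return [(f.qid, f.container_id, matching_exception(f, EXCEPTIONS, today)) for f in FINDINGS]

if __name__ == "__main__":
    for row in report(date(2024, 4, 15)):
        print(row)
```

Running the report for a date after an exception's end date shows the finding returning to the unexcepted set, which is the point at which it needs a fresh review.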


