General Settings

You can define the default approval behavior for the exception management and false positive reporting process.

For exception management and false positive reporting, you need three approvals - first from the infrastructure or application group and two security approvals from the security team and security board. However, you can modify this to the customized approval.

You can customize the approval in the following ways:

Approval Configuration Default

Perform the following steps in the Approval Configuration Default tab:

  1. Infrastructure or  Application Owner Approval Defaults section, define the following fields:

    general_settings_default

    Infrastructure / App Owner Approval Type - Select the Vulnerability Incident Field for the built-in approval process based on the field value from a vulnerability incident.

    Select Custom to disable the built-in approval step for Infrastructure / Application Owner Approval.

  2. Approval Group: Infrastructure / App Owner Incident Field—When utilized, Select a field to use as a default for the Infrastructure Approval.

    Infrastructure/ App Owner Default Approval Group—If the automated selection does not resolve to a valid group, select the group to use for infrastructure approval.

    In the Security Approval Defaults section, define the group of users responsible for the security review of a vulnerability incident.

    general_settings_default-2

  3. Approval Group: Security Team - Group of users responsible for approval whenever a Vulnerability Incident requires review by the Security Team.

  4. Approval Group: Security Board - Group of users responsible for approval whenever a Vulnerability Incident requires review by the Security board.

Exception Process

Perform the following steps in the Exception Process tab:

  1. Select the template that has to be used by default when the vulnerability incident's state changes to Exception—Identified.

    exception_process

  2. Select the template from the available templates or create a new template that includes the exception reason.

False Positive Process

Perform the following steps in the Exception Process tab:

  1. Select the template that should be used by default when the vulnerability incident's state changes to Exception—Identified.

    false_positive_process

  2. Select the template from the available templates or create a new template that includes the exception reason.

Related Topic

Exceptions

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.