New Relic Vulnerability Management can detect a number of vulnerabilities across your system. While most of these vulnerabilities may need remediation, some might not be applicable to your environment. For example, your internal policies might categorize them as low risk or limited exposure due to how your systems leverage the potentially vulnerable component.
For vulnerabilities you're not interested in, you can set the Status to Ignored so they no longer appear in the UI. Since each vulnerability is tied to one or more entities, you can do the following:
Ignore individual vulnerabilities for an entity
Ignore a vulnerability that appears across multiple entities
You can always change the status from Ignored back to Affected if you decide a vulnerability is worth tracking again.
Ignore a vulnerability
Tip
Before you ignore a vulnerability, keep in mind that this change prevents other users with account access from seeing that vulnerability.
When you choose to ignore a vulnerability, you'll be prompted to explain the rationale behind the decision. For example, you might say that the vulnerable code is not used in the system and isn't currently relevant. We recommend that when you give this context, you also provide supplemental documentation when possible.
We'll also prompt you to set a duration for the Ignored status. When the time period is up, Vulnerability Management automatically changes the status from Ignored back to Affected. If a vulnerability is already considered No Longer Detected, the status remains No Longer Detected.
You can manually ignore vulnerabilities for specific entities. Once you set the status of a vulnerability to Ignored, we'll exclude it from the summary tiles and vulnerability list by default. Instances of this vulnerability on other entities keep the Affected status.
Go to one.newrelic.com > All entities > (select your entity) > Vulnerability Management, click the Vulnerabilities tab, and then select the vulnerability you want to ignore. If you don't see the vulnerability you want to manage, it might already have the Ignored status.
To update the status to Ignored, click the Change to ignored button.
Fill out the form to explain the reasoning behind ignoring this vulnerability. Include the time period for which the vulnerability should be ignored.
To ignore a vulnerability that appears across multiple entities:
Go to one.newrelic.com > All capabilities > Vulnerability Management, click the Vulnerabilities tab, and then choose the vulnerability you want to ignore. By default, this view filters to vulnerabilities where at least one entity is marked Affected.
In the Area of Impact section, select each entity for which you want to ignore the vulnerability, then click the Change to ignored button.
Fill out the form to explain the reasoning behind ignoring this vulnerability. Include the time period for which the vulnerability should be ignored.
Restore ignored vulnerabilities
It's good practice to review ignored vulnerabilities and validate whether they should stay ignored. We recommend that you review your vulnerabilities every 90 days to ensure you aren't introducing risk into your system.
If you change the status from Ignored to Affected for a specific entity, the vulnerability reappears in default views and counts against that entity. Instances of this vulnerability on other entities remain ignored.
To find ignored vulnerabilities and decide whether you want to track them again, follow the instructions below:
Go to one.newrelic.com > All entities > (select the entity you want to update) > Vulnerability Management, then click the Vulnerabilities tab.
Update the filter from Status = Affected to Status = Ignored. This updates the default Affected view to instead display all the ignored vulnerabilities.
Choose the vulnerability that you want to update, then click Change to affected.
Fill out the form to explain the reasoning behind changing this vulnerability to Affected.
To restore a vulnerability that is ignored across multiple entities:
Go to one.newrelic.com > All capabilities > Vulnerability Management, then click the Vulnerabilities tab.
From the settings cog, click the Ignored checkbox. This adds an ignore column to your vulnerability table.
Select a vulnerability with an Ignored count greater than 0.
Update the filter from Status = Affected to Status = Ignored.
In the Area of Impact section, select the entities you want to mark Affected.
Fill out the form to explain the reasoning behind changing this vulnerability to Affected.