• EnglishEspañol日本語한국어Português
  • Log inStart now

Change vulnerability status

New Relic Vulnerability Management can detect a number of vulnerabilities across your system. While most of these vulnerabilities may need remediation, some might be not be applicable to your environment. For example, your internal policies might categorize them as low risk or limited exposure due to how your systems leverage the potentially vulnerable component.

For vulnerabilities you're not interested in, you can set the Status to Ignored so they no longer appear in the UI. Since each vulnerability is tied to one or more entities, you can do the following:

  • Ignore individual vulnerabilities for an entity
  • Ignore a vulnerability that appears across multiple entities

You can always change the status from Ignored back to Affected if you decide a vulnerability is worth tracking again.

Ignore a vulnerability

Tip

Before you ignore a vulnerability, keep in mind that this change prevents other users with account access from seeing that vulnerability.

When you choose to ignore a vulnerability, you'll be prompted to explain the rationale behind the decision. For example, you might say that the vulnerable code is not used in the system and isn't currently relevant. We recommend that when you give this context, you also provide supplemental documentation when possible.

We'll also prompt you to set a duration for the Ignored status. Vulnerability Management will perform an automatic update that changes it from Ignored to Affected when the time period is up. If a vulnerability is already considered No Longer Detected, the status will remain no longer detected.

Restore ignored vulnerabilities

It's good practice to review ignored vulnerabilities and validate whether they should stay ignored. We recommend that you review your vulnerabilities every 90 days to ensure you aren't introducing risk into your system.

If you change the status from Ignored to Affected for a specific entity, that reintroduces the vulnerability into default views and counts against this entity. Instances of this vulnerability on other entities remain ignored.

To find ignored vulnerabilities to see if you want to track them again, follow the instructions below:

Copyright © 2024 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.