Manage cloud misconfiguration status

New Relic Security RX Cloud can detect misconfigurations across your cloud resources. While most misconfigurations need remediation, some might not be applicable to your environment. For example, your internal policies might categorize them as low risk or limited exposure due to how your cloud resources are configured or used.

For misconfigurations you're not interested in tracking, you can set the Status to Ignored so they no longer appear in the UI. Since each misconfiguration is tied to one or more cloud resources, you can:

Ignore individual misconfigurations for a specific resource
Ignore a misconfiguration that appears across multiple resources

You can always change the status from Ignored back to Affected if you decide a misconfiguration is worth tracking again.

Tip

Before you ignore a misconfiguration, keep in mind that this change prevents other users with account access from seeing that misconfiguration.

Ignore a misconfiguration

When you choose to ignore a misconfiguration, you'll be prompted to explain the rationale behind the decision. For example, you might say that the resource is not exposed to the internet or that compensating controls are in place. We recommend that when you give this context, you also provide supplemental documentation when possible.

You'll also be prompted to set a duration for the Ignored status. Security RX Cloud will automatically change it from Ignored to Affected when the time period expires. If a misconfiguration is already No Longer Detected, the status will remain no longer detected.

You can manually ignore misconfigurations for specific resources. Once you set the status to Ignored, we'll exclude this from the summary tiles and misconfiguration list by default. Other instances of this misconfiguration on other resources will still keep the Affected status.

Go to one.newrelic.com > All capabilities > Security RX > Cloud
Click the Misconfigurations tab
Select the misconfiguration you want to review
In the Area of Impact section, find the specific resource you want to ignore
Select the resource
Click the Change to ignored button
Fill out the form to explain the reasoning behind ignoring this misconfiguration, including a time period

Go to one.newrelic.com > All capabilities > Security RX > Cloud
Click the Misconfigurations tab. By default, this view filters to misconfigurations where at least one resource is marked Affected
Choose the misconfiguration you want to ignore
In the Area of Impact section, select each resource you want to ignore
Click the Change to ignored button
Fill out the form to explain the reasoning behind ignoring this misconfiguration, including a time period

Restore ignored misconfigurations

It's good practice to review ignored misconfigurations and validate whether they should stay ignored. We recommend reviewing your misconfigurations every 90 days to ensure you aren't introducing risk into your cloud environment.

If you change the status from Ignored to Affected for a specific resource, that reintroduces the misconfiguration into default views and counts against this resource. Instances of this misconfiguration on other resources remain ignored.

Go to one.newrelic.com > All capabilities > Security RX > Cloud
Click the Misconfigurations tab
Update the filter from Status = Affected to Status = Ignored. This displays all ignored misconfigurations
Choose the misconfiguration you want to update
In the Area of Impact section, select the resource you want to update
Click Change to affected
Fill out the form to explain the reasoning behind changing this misconfiguration to Affected

Go to one.newrelic.com > All capabilities > Security RX > Cloud
Click the Misconfigurations tab
From the settings cog, click the Ignored checkbox. This adds an ignore column to your misconfiguration table
Select a misconfiguration with an Ignored count greater than 0
Update the filter from Status = Affected to Status = Ignored
In the Area of Impact section, select the resources you want to mark Affected
Click Change to affected
Fill out the form to explain the reasoning behind changing this misconfiguration to Affected

What's next?

Set up alerts

Get notified when cloud misconfigurations are detected

Query security data

Track status changes and remediation metrics with NRQL

Understand prioritization

Learn how cloud misconfigurations are ranked by risk